Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BrownOrifice can break firewalls!

From: "TAKAGI, Hiromitsu" <takagi () ETL GO JP>
Date: Sat, 12 Aug 2000 05:33:29 +0900
On Thu, 10 Aug 2000 09:04:32 +0200
"Greulich, Andreas" <Andreas.Greulich () ISB ADMIN CH> wrote:

I am quite surprised about the low echo the newest bug in Netscapes Java
library (see http://www.brumleve.com/BrownOrifice/) receives. I am quite
worried about it because I think its impact is much higher than the
"WWW-server-applet" you find on above page.


This can be verified by trying the following refined proof of concept
Applet.
http://java-house.etl.go.jp/~takagi/java/test/Brumleve-BrownOrifice-modified-netscape.net.URLConnection/Test.html

I have confirmed that Mac OS version is also affected.


Regards,
--
Hiromitsu Takagi
Electrotechnical Laboratory
http://www.etl.go.jp/~takagi/
Previous By Date Next
Previous By Thread Next

Current thread: