Re: BIG NetScape Bug!!!!!!!!!!!!!!!!1 (fwd)
Let's not over-react, please. This bug *only* allows people to see
files that the user running Netscape has access to, and *only* if it
already knows the names of these files. On a Debian 1.3 machine,
which uses shadow passwords, essentially the only thing that would be
of use for people would be files in your home directory. And since
there are no predictable patterns for these files, it would be
difficult to construct a web page that would cause serious harm.
George Bonser <grep@oriole.sbay.org> writes:
> Better take this SERIOUSLY folks, it is a VERY big bug ... major security
> hole. It allows a server to see EVERYTHING on the client filesystem.
>
>
> George Bonser
> grep@oriole.sbay.org, grep@concentric.net
>
> ---------- Forwarded message ----------
> Date: Thu, 12 Jun 1997 21:06:45 -0500
> From: Francisco Benavides <txmfrbg@txm.ericsson.se>
> Reply-To: caldera-users@caldera.com
> To: caldera-users@caldera.com
> Subject: BIG NetScape Bug!!!!!!!!!!!!!!!!1
>
> Hi,
>
> A HUGE flaw was uncovered in the new NetScape, for more details:
>
> http://cnnfn.com/digitaljam/9706/12/netscape_pkg/
>
> Bye/Francisco :)
>
>
> --
> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
> debian-user-request@lists.debian.org .
> Trouble? e-mail to templin@bucknell.edu .
>
--
John Goerzen | Running Debian GNU/Linux (www.debian.org)
Custom Programming |
jgoerzen@complete.org |
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: