Home page logo
/

bugtraq logo Bugtraq mailing list archives

Netscape Referer header considered harmful?
From: ron () FARMWORKS COM (Ronald L. Parker)
Date: Mon, 4 Aug 1997 11:10:15 -0400


-----BEGIN PGP SIGNED MESSAGE-----

I found something I consider mildly disturbing while browsing my
referer log stats today.  Viewers to our site today have been referred
from the following URLs:

file:///Hard%20Disk/System%20Folder/Preferences/Netscape%20%C4/Bookmar
s.html
file:C:\NETSCAPE\COMM\PROGRAM\USERS\DEFAULT\BOOKMARK.HTM
file:///molly's%20bookmarks/molly's%20bookmarks

As you can see, this is a cross-platform problem.  What I don't know
is whether these were sent by people just picking the bookmark from
the dropdown or by people using their bookmarks file as a home page.
Not having Communicator myself, and not planning to get it any time
soon, I can't test this.  In any case, file: URLs should be private.

The last one is particularly interesting, given that it can be
correlated with an IP address.  I don't know what you call your
bookmarks, but mine are called "Ron Parker's Bookmarks," based (I
think) on my identity as told to the mail/news subsystem.  So, had I
been cutting-edge enough to use Netscape 4.0, I would now be telling
my full name to every site in my bookmarks file.

Of course, this can also lead to my knowing into exactly which
directory you've installed Communicator.  This could be useful
information as well, and could help to mount an attack on your
private email or the list of newsgroups to which you subscribe.

In addition, again given that I have your IP address to work with, I
might now know something about the internal network structure of your
organization (not exemplified by any of the above sites, but think
about where you would store your bookmarks if you were using a
diskless workstation.  Would you be giving me a machine name or just a
drive letter?)  This information could be invaluable as part of an
attempt to bypass your firewall.

- --
Ron Parker
Webmaster
Farm Works Software       Come see us at http://www.farmworks.com
For PGP public key see http://www.farmworks.com/Ron_Parker_PGP_key.txt
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQB1AwUBM+Xuhdn/ugmVuayZAQFrUwL+LUeoDc/P6ukxNfaNLP88ttXj9HiTAopa
eL9Dab+v8njn94pEwsZls3Qkee3cfedFDsOEZzdNN1bCck6wWoKZtnaQVT8JnDax
tamq9gMzB0RMxuQFnyt0J6SCOaHpL0Kt
=PFqq
-----END PGP SIGNATURE-----



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault