Bugtraq: Re: Netscape exploit solved

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Netscape exploit solved

From: kooros () TITAN SRRB NOAA GOV (Paul T. Kooros)
Date: Mon, 23 Jun 1997 19:20:50 -0600


    Hi,
        Since apparently others have posted solutions, here is mine.
As I have mentioned to certain individuals previously, where I previously
thought other methods of triggering the form-order reload bug were
implicated (<META TYPE="refresh" CONTENT="1"> or Java JSObject called
form reload) they seem not to trigger the bug.  Perhaps it is a "dirty"
flag on cache objects that was not set in one case.

        Please, again, do not allow this information to fall into evil hands,
or use it for evil yourself.

               http://www.kooros.com/fupldtest/nsbug.html

Thanks.
                -Paul.

P.S.  The web site is at the end of a slow line, and serves only this purpose.

By Date By Thread

Current thread:

Netscape Communicator 4.01, (continued)
- Netscape Communicator 4.01 Aleph One (Jun 18)
- [Fwd: DESCHALL Press Release] Brian Young (Jun 18)
- Re: Netscape Exploit SOLVED Edwin Li-Kai Liu (Jun 19)
  - Re: Netscape Exploit SOLVED John Robert LoVerso (Jun 20)
- Re: Netscape Exploit SOLVED Aymeric Grassart (Jun 20)
- Re: Netscape exploit solved Paul T. Kooros (Jun 23)