Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: IE
From: nicolas vigier <boklm () mars-attacks org>
Date: Mon, 19 Jul 2004 13:46:59 +0200

On Sun, 18 Jul 2004, Ill will wrote:

"user-agent contains very little _sensitive_ info"

user agents could be used for exploits.. like redirecting the browser
to whatever exploit page  by the definition of what browser is
connecting to it etc.. so it would be a  good idea for some people to
conseal what type of browser is defined in the headers

And you can feel safe with that ? Someone can put an exploit on a page
without checking your browser before.
The real solution is to use a browser with no known vulnerability (and
that's better if it didn't have a lot in the past), not to try to hide
what you are using.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • IE Gabriel Alexadros (Jul 17)
    • Re: IE morning_wood (Jul 17)
    • RE: IE {tonyFelice} (Jul 18)
      • RE: IE Eric Paynter (Jul 18)
        • Re: IE Ill will (Jul 19)
        • Re: IE nicolas vigier (Jul 19)
        • Re: IE Eric Paynter (Jul 19)
        • Re: IE tshilson (Jul 19)
        • Re: IE J.A. Terranson (Jul 19)
        • Re: IE Rodrigo Barbosa (Jul 19)
        • Re: IE tshilson (Jul 19)
        • Re: IE lonely wolf (Jul 20)
        • Re: IE Lupe Christoph (Jul 20)
        • Re: IE lonely wolf (Jul 20)
        • Re: IE tshilson (Jul 20)
        • Re: IE Rodrigo Barbosa (Jul 20)
  • (Thread continues...)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]