tlug: Another Netscape 4.07 cache reading bug (fwd)

[Scott Stone <sstone@example.com>]

>From BUGTRAQ just now...

--------------------------------------------------
Scott M. Stone <sstone@example.com, sstone@example.com>
               <sstone@example.com>
Head of TurboLinux Development/Systems Administrator
Pacific HiTech, Inc (USA) / Pacific HiTech, KK (Japan)
http://www.pht.com		http://armadillo.pht.co.jp
http://www.pht.co.jp	        http://www.turbolinux.com


---------- Forwarded message ----------
Date: Thu, 8 Oct 1998 22:20:19 -0400
From: Georgi Guninski <guninski@example.com>
To: BUGTRAQ@example.com
Subject: Another Netscape 4.07 cache reading bug

I have found a new bug in Netscape Communicator 4.07, 4.05 (probably others),
which allows reading the user's cache (the URLs the user has visited, including the info in GET forms).
The bug uses Javascript - a link to 'about:<SCRIPT>...javascript code...</SCRIPT>' does the work.

A demo is available at: http://www.freeyellow.com/members5/guninski/ncache.html

Part of the code is borrowed from Dan Brumleve <nothing@example.com>, for better goodies see:
http://www.shout.net/~nothing/son-of-cache-cow/index.html
Workaround: Disable Javascript.

Regards,
Georgi Guninski


____________________________________________________________________
Get free e-mail and a permanent address at http://www.netaddress.com/?N=1

---------------------------------------------------------------
Next Meeting: 10 October, 12:30 Tokyo Station Yaesu central gate
Featuring the IMASY Eng. Team on "IPv6 - The Next Generation IP"
Next Nomikai: 20 November, 19:30  Tengu TokyoEkiMae 03-3275-3691
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp