Bugtraq mailing list archives
Re: Netscape Exploit
From: manojk () IO COM (Manoj Kasichainula)
Date: Sun, 15 Jun 1997 23:25:50 -0500
--hGH0dSjgZe/MVqb4 Content-Type: text/plain; charset=us-ascii On Sat, Jun 14, 1997 at 07:57:55PM -0400, Micah Brandon wrote:
I've been hackin' at this, but I can't get it either. I can "see" the value attribute being set but I don't think it's possible to change it with Javascript. We're probably barking up the wrong tree.
According to: http://www.news.com/News/Item/0,4,11487,00.html someone at Netscape claims that turning off JavaScript does not solve the problem, although JavaScript could "exacerbate" it. -- Manoj Kasichainula - manojk at io dot com - http://www.io.com/~manojk/ "Would you die for The One?" "I wouldn't get pizza for the one. That ain't my job." - J.M. Straczynski --hGH0dSjgZe/MVqb4 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBM6TATObiBQxKQSStAQFiUgf/W3XVvXh1e7S+dJnOpZzE1+9KE1U/zygT LpYs/9ffH2Nyd7DqJN5mXd+chUEzBQBuCh1oWuGPEvn7lGbAOn0nmkgDRKpUhMnE kuX3qk3Q6CicwdgzoUfKC/Itd7HYfPBBrpI0Yf8voJDaQVaxRSggieFOO67Z871M hoz/3xw1vG9YEYSAf+ysSzgI3lFUWMEiCFp+fQz0JXal+mUOU4sc+UeT4SPMcHtI 9myA3fNSjhRVRfTc/ZjqyZTejhandzrmCSEklaBuNbJQ04SGC2O0ut9GBI2jsm9d MWK92GShr6EQhd+y43KMaWcWHast+273mK3LQDKOMmdJS03xZuGSqQ== =5tz4 -----END PGP SIGNATURE----- --hGH0dSjgZe/MVqb4--
Current thread:
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program, (continued)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Rick Byers (Jun 12)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program The Nolander (Jun 12)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Thomas Koenig (Jun 14)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Adam Morrison (Jun 15)
- Netscape Exploit root (Jun 14)
- Bug in SGI's /cgi-bin/handler Razvan Dragomirescu (Jun 14)
- Re: Bug in SGI's /cgi-bin/handler Yaron Yanay (Jun 15)
- Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program Rick Byers (Jun 12)
- sendmail 8.8.6 released Eric Allman (Jun 14)
- Re: Netscape Exploit Roger Espel Llima (Jun 14)
- Re: Netscape Exploit Micah Brandon (Jun 14)
- Re: Netscape Exploit Manoj Kasichainula (Jun 15)
- rshd gives away usernames David Holland (Jun 13)
- Re: rshd gives away usernames Erik Troan (Jun 13)
- Re: rshd gives away usernames Eric (Jun 13)
- Re: rshd gives away usernames Todd C. Miller (Jun 13)
- Re: rshd gives away usernames Alan Brown (Jun 14)
- Changing default UMASK for all daemons Dax Kelson (Jun 13)
- Re: Changing default UMASK for all daemons Joe Traister (Jun 14)
- Re: Changing default UMASK for all daemons Michael Helm (Jun 14)
- Re: Changing default UMASK for all daemons Tomasz R. Surmacz (Jun 16)
- Re: rshd gives away usernames Christophe Kalt (Jun 14)