Bugtraq mailing list archives
Re: Shockwave Security Alert
From: joefish () TRINET COM (Joseph Fish)
Date: Fri, 14 Mar 1997 10:49:13 -0500
At 1:01 AM -0600 3/14/97, Aleph One wrote:
http://www.webcomics.com/shockwave/ SHOCKWAVE SECURITY ALERT AKA :: How to use Shockwave to read people's Netscape email! 10-Mar-97 --- reported by: David de Vitry
Cool! The method of getting the e-mail from Netscape is using a command issued to Netscape via the mailbox: command. This is possible to do in Java as well. Shockwave's getNetText will not get text from your local drive by itself. For instance, I cannot get your autoexec.bat file even though I know the absolute path to it. This is because it is not in a mailbox file accessible via the mailbox command in Netscape. Try typing mailbox: in your URL location and pressing return. You can also type in: javascript: and press return to access a javascript test thing. Or news: to open the news window. Wheeeeee..... ________________________________________________ Joseph Fish "If I could, I would have a General Manager, direct connection to my brain" Internet Services TriNet Services, Inc. 919-833-2247 x233 URL: http://www.trinet.com/ joefish () trinet com ________________________________________________
Current thread:
- Exploit for buffer overflow in /bin/eject - Solaris 2.X - Cristian SCHIPOR (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - The Nocturnal Prince (Mar 13)
- Shockwave Security Alert Aleph One (Mar 13)
- Frotpage Extensions and Unix Roland Spatzenegger (Mar 10)
- Re: Frotpage Extensions and Unix M. (Mar 15)
- Re: Shockwave Security Alert Joseph Fish (Mar 14)
- Internet Explorer Bug #4 Aaron Spangler (Mar 14)
- Internet explorer gives your NT password away! Paul Ashton (Mar 14)
- gzip security problem Aleph One (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)
- <Possible follow-ups>
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)