Bugtraq mailing list archives
Re: Netscape Communicator 4.5 can read local files
From: trev () KICS BC CA (Trev)
Date: Wed, 25 Nov 1998 14:13:05 -0800
At 12:48 PM 11/25/98 -0500, Ben Collins wrote:
If some one here can setup a webpage, send me the URL, have that page read the file '/test.txt' from my hardrive and then that person send the contents to this list, I will believe. Otherwise I think this whole hysteria over 'unforseen' dangers should stop.
I've whipped up a couple of demos of this bug that send the contents to a cgi. There is a windows version that I know works, and a unix version I can't test because my linux box is down (it's a hardware thing). This is for anyone who has doubts.... http://www.kics.bc.ca/~trev/cgi-bin/test.html (Windoze) http://www.kics.bc.ca/~trev/cgi-bin/test-unix.html (UNIX) And yes, it can email it to you if you like :) Trev
Current thread:
- Re: Netscape Communicator 4.5 can read local files, (continued)
- Re: Netscape Communicator 4.5 can read local files Andrew McNaughton (Nov 24)
- Re: Netscape Communicator 4.5 can read local files The Spirit of the Black Panther (Nov 23)
- Re: Netscape Communicator 4.5 can read local files Ryan Russell (Nov 24)
- Re: Netscape Communicator 4.5 can read local files Ben Collins (Nov 25)
- APC PowerNet SNMP Adapter Security Issues - Beta Firmware Paul Mansfield (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Pavel Kankovsky (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Terence Christopher Haddock (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Ben Collins (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Terence Christopher Haddock (Nov 25)
- XFree86 3.3.3 Released Aleph One (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Trev (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Ben Collins (Nov 25)
- Re: Netscape Communicator 4.5 can read local files kpm (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Sven Carstens (Nov 25)
- Re: Netscape Communicator 4.5 can read local files Michael Teichmann (Nov 26)
- Re: Netscape Communicator 4.5 can read local files Trev (Nov 27)
- Java Redirect Bug - Netscpape 4.0[678] and 4.5 Keith Woodard (Nov 27)
- ipfwadm has pseudo-DoS ;) Domas Mituzas (Nov 28)
- Debian: Security flaw in FSP Vanja Hrustic (Nov 28)
- Debian: Security flaw in FSP David Damerell (Nov 30)
- RSI.0010a.11-29-98.IRIX.AUTOFSD RSI Advise (Nov 29)
- Re: Netscape Communicator 4.5 can read local files Todd C. Campbell (Nov 30)