Bugtraq mailing list archives
IE5 ACL protected pages viewable from cache by unauthorized user
From: krobinson () TEAMLEX COM (J.Kent Robinson)
Date: Sun, 15 Aug 1999 12:31:57 -0000
Running IIS4 on NT4 (SP5) server. Several web pages have permissions assigned with NT ACL (both NT Challege/Response and Basic Authentication). Discovered that protected pages can be viewed by unauthorized user (presumably from cache) if authorized user previously accessed pages from same computer client. This happens even after the browser has been completely closed and then reopened. An unauthorized user accesses the page by hitting the page link. This brings up the pop-up logon window. Hit cancel. User gets a 401 screen. Hit the back button. Hit the forward button. Viola . . . the user without credentials has access to the protected content. I've tested this behavior on NT4 WS, Win98 and Win2000 clients with the same results. Posts at the MS newsgroups yielded little response.
Current thread:
- Re: Possible Denial Of Service using DNS, (continued)
- Re: Possible Denial Of Service using DNS marka () ISC ORG (Aug 10)
- Re: Possible Denial Of Service using DNS David Schwartz (Aug 10)
- QMS 2060 printer security hole Frank Bures (Aug 18)
- DOS against SuSE's identd Hendrik Scholz (Aug 14)
- Re: DOS against SuSE's identd Danton Nunes (Aug 16)
- Re: DOS against SuSE's identd Volker Wiegand (Aug 17)
- Re: DOS against SuSE's identd Alan Brown (Aug 16)
- AOL Buffer Overflow??? Robert Graham (Aug 16)
- Re: DOS against SuSE's identd Seth R Arnold (Aug 17)
- Re: DOS against SuSE's identd Danton Nunes (Aug 16)
- Mandrake 6.0 .Xauthority Elmer Joandi (Aug 15)
- IE5 ACL protected pages viewable from cache by unauthorized user J.Kent Robinson (Aug 15)
- Re: IE5 ACL protected pages viewable from cache by unauthorized user David Schwartz (Aug 16)
- Possible Windows 9x Shared Printers Security Hole Luis Martin-Santos (Aug 15)
- Re-release: Microsoft Security Bulletin (MS99-029) Aleph One (Aug 16)
- Re: Possible Windows 9x Shared Printers Security Hole x-empt [ lvhc / lou ] (Aug 16)