Bugtraq mailing list archives
Re: Potential disclosure of sensitive information in Netscape 7.0 email client
From: Bartek Raszczyk <crayfish () underground org pl>
Date: Thu, 2 Jan 2003 00:38:35 +0100
Hello Michael, Wednesday, January 1, 2003, 12:19:49 PM, you wrote: MP> Netscape 7.0 includes, as part of it's release, an email client, capable of MP> handling POP3 and IMAP accounts. The method that the email client utilizes MP> to permanently delete email messages is not explained, which could lead to MP> users having large quantities of email messages, which they would think of MP> as permanently deleted, still stored in clear text on their hard disks. The same applies to Ritlab's The Bat! (up to version 1.60c i'm currently using). The Bat! stores all of the messages in $thebathome\mail\$accountname\$foldername\Messages.tbb and status information in Messages.tbi (without customization and message filtering all mail goes to $foldername named inbox). All messages remain there until Folder|Compress function is used. The question is - is that a feature or a bug? I'm using The Bat! for nearly three years now and it's there from where I can remember (although there were dozen or so version changes). -- Best regards, Bartek Raszczyk mailto:crayfish () underground org pl
Current thread:
- Potential disclosure of sensitive information in Netscape 7.0 email client Michael Puchol (Jan 01)
- Re: Potential disclosure of sensitive information in Netscape 7.0 email client Bartek Raszczyk (Jan 02)