On 10-Aug-2000 Marko Cehaja wrote: > Dear > > On Tue, Aug 08, 2000 at 05:44:45PM -0400, David Teague wrote: >> >> On NPR's Morning Edition they described a security hole in Netscape >> versions 4.73 and earlier that allows 'infection' by access to >> 'nasty' web sites. It is said to put your hard drive at risk some >> way. >> >> I assume this is a Windows problem, BUT does anybody know what this >> hole is and whether Linux is susceptible? (Probably only the user's >> files would be at risk at worst.) >> > > That is a hole in Netscape & SDK which it internally uses. What happens > is simply that javascript executes (very fast and without notice) and
Javascript ??? It's a java *applet* and it's available at http://www.brumleve.com/BrownOrifice/ > it makes your Netscape a web-server. Your IP could be tracked down by > the server where you got the javascript, and somebody else could browse Since it's executed by a (perl) cgi script, your adress can be taken easily from the cgi environment. > through your files, and take informations. However, the hole is in the > Netscape, they can't browse directories which are disabled to be readable > by "others". On *nix of course it can only access files that you have access to. > Files could be deleted or read, if one set it up in that javascript. > > That hole in Netscape is not the hole in Linux or in Debian OS, because > there are also other ways to intrude the system and see what is there. > > It is responsibility of the system administrator to ensure what kind of > software does he install and if he can trust that company which made it. > > But anybody who has properly set up the ipchains, should be pretty much > secure and imune to that. That java-web-server runs on some different port, > so if you you know ports you allow to access and which services should > run on those ports, even when you execute that javascript, nobody could > access any of your files. > > The story is somewhere on /. > > Sincerely, > Marko Cehaja >
