Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

This just in: Netscape Vulnerability

This came from the Mandrake security list.  I can't demonstrate the vulnerability though,
likely related to my firewall.  

Problem Description:

There exists a problem in all versions of Netscape with Java enabled.
Under certain conditions, Netscape can be turned into a server that
serves files on your local hard drive that Netscape has read access to
and remote people can access it by connecting their web client to port
8080 on your machine if they know the IP address.  For a demonstration
of this vulnerability visit

Linux-Mandrake recommends you disable Java to make Netscape invulnerable
to this exploit.  You can disable Java by hand in Edit -> Preferences ->
Advanced.  You can also remove the preferences.js file by using:

rm -f ~/.netscape/preferences.js

 David Lapointe
"Hokey religions and ancient weapons are no 
match for a good blaster at your side, kid,"
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /