[81786] in Cypherpunks

Re: Impact of Netscape kernel hole

daemon@ATHENA.MIT.EDU (Tom Weinstein)
Fri Jun 13 22:48:16 1997

Date: Fri, 13 Jun 1997 18:35:48 -0700
From: Tom Weinstein <tomw@netscape.com>
To: John Young <jya@pipeline.com>
Cc: cypherpunks@toad.com
Reply-To: Tom Weinstein <tomw@netscape.com>

John Young wrote:
> 
> Still, it would be good to know if a Netscape snooper could snarf a
> key while it is being used by PGP to decrypt, that is, whether the
> hole allows snooping on dynamic ops or just on stored info.
> 
> Does anyone know if the hole finders are discussing this on the
> Net, and if so, where? What are the folks at Netscape saying? Tom,
> Jeff?

We aren't talking about it much.  We've released some information to
the press and posted a release on our web site.

This attack can be used to grab any file from the user's hard drive,
provided you know the file name and path.  It exploits a bug in the
way forms are handled.  You can guard against this attack by turning
on the warning dialog for submitting a form over an insecure connection.

We have a fix which we are testing now, and we'll have it out early next
week for 4.0.  A fix for 3.x will follow once we have 4.0 fixed.

-- 
What is appropriate for the master is not appropriate| Tom Weinstein
for the novice.  You must understand Tao before      | tomw@netscape.com
transcending structure.  -- The Tao of Programming   |
