[2097] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Java Hole: Web Graffiti & Covert Channels

daemon@ATHENA.MIT.EDU (Fox, Mick, Lt, SAM-DSON)
Wed May 15 00:01:30 1996

From: "Fox, Mick, Lt, SAM-DSON" <foxm@COMM.HQ.AF.MIL>
To: owner-www-security <owner-www-security@ns2.rutgers.edu>,
        www-security <www-security@ns2.rutgers.edu>
Date: Tue, 14 May 96 08:24:00 PDT
Errors-To: owner-www-security@ns2.rutgers.edu


How do you get your firewall to actually stop the code from coming onto your 
network?
Mick Fox
US Air Force
 ----------------------------------------------------------------------------  
 --
I investigated your site, and was amazed to see the extent of this
problem.  For example, the idea that a user hitting any site on the
web after activating the trojan horse applet, will see whatever it
is the trojan horse wants them to see by REDIRECTING the URL
locations to the hacker server?  This is very serious if true. (The
firewall doesn't allow in applets, so I couldn't test your examples.)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2097] in WWW Security List Archive

Re: Java Hole: Web Graffiti & Covert Channels

daemon@ATHENA.MIT.EDU (Fox, Mick, Lt, SAM-DSON)Wed May 15 00:01:30 1996

daemon@ATHENA.MIT.EDU (Fox, Mick, Lt, SAM-DSON)
Wed May 15 00:01:30 1996