[23176] in bugtraq
Re: the other IE cookie stealing bug (MS01-055)
daemon@ATHENA.MIT.EDU (CDE Francis)
Mon Nov 19 11:41:10 2001
Date: Fri, 16 Nov 2001 09:23:10 -0500
From: CDE Francis <fuy@jhu.edu>
In-reply-to: <Pine.BSF.4.20.0111142031560.527-100000@alive.znep.com>
To: Marc Slemko <marcs@znep.com>
Cc: bugtraq@securityfocus.com
Message-id: <a05100300b81ad0a1a2f0@[128.220.149.100]>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed

At 8:44 PM -0800 2001/11/14, Marc Slemko wrote:
> http://passport.com%20.sub.znep.com/cgi-bin/cookies
> ...will cause IE to connect to the hostname specified, but send the
> cookies to the server based on the hostname before the "%20"

Once again, I'd like to point out that IE 5 Mac (OS 8/9 or X) is not
vulnerable to this attack. Please remember that IE != Windows. :-p

-F.
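
A defensive check for the URL pattern quoted in the message above, added here as an example and not part of the original post: it flags URLs whose host contains a percent-escape or other character that is illegal in a hostname, and reports both the host as written and the part in front of the first illegal character, which is the split the quoted text describes. The function names and the sample URLs other than the one quoted in the message are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Authority = text between "scheme://" and the next "/", "?" or "#".
AUTHORITY = re.compile(r"^[a-z][a-z0-9+.\-]*://([^/?#]*)", re.I)
# Anything outside letters, digits, "-" and "." cannot appear in a DNS hostname.
BAD_HOST_CHAR = re.compile(r"[^a-z0-9.\-]")


def split_host_views(url):
    """Return (host_as_written, host_if_truncated), or None for a clean host.

    host_as_written   -- the authority with userinfo and port removed
    host_if_truncated -- the percent-decoded host cut at the first character
                         that is illegal in a hostname (e.g. a decoded space)
    """
    m = AUTHORITY.match(url.strip())
    if not m:
        return None
    host = m.group(1).rsplit("@", 1)[-1].lower()  # drop userinfo
    if host.startswith("["):                      # IPv6 literal: out of scope here
        return None
    host = host.split(":", 1)[0]                  # drop port
    decoded = unquote(host)
    bad = BAD_HOST_CHAR.search(decoded)
    if bad is None:
        return None
    return host, decoded[:bad.start()]


def flag_urls(urls):
    """Return one finding per URL whose host has two possible readings."""
    findings = []
    for url in urls:
        views = split_host_views(url)
        if views:
            findings.append({"url": url,
                             "host_as_written": views[0],
                             "host_if_truncated": views[1]})
    return findings


# Constructed sample input; only the first URL is taken from the message.
SAMPLE_URLS = [
    "http://passport.com%20.sub.znep.com/cgi-bin/cookies",
    "http://www.example.com:8080/index.html",
    "http://example.org/docs/a%20b.html",   # escape in the path, host is clean
]

if __name__ == "__main__":
    for finding in flag_urls(SAMPLE_URLS):
        print(finding)
```

A percent-escape in the path is normal and is not flagged; only escapes inside the host portion are.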