[23245] in bugtraq
Re: Information Leak Bug in Netscape Mail
daemon@ATHENA.MIT.EDU (Scott Dier)
Fri Nov 23 19:07:33 2001
Date: Fri, 23 Nov 2001 15:07:11 -0600
From: Scott Dier <dieman@ringworld.org>
To: GOBBLES@hushmail.com
Cc: bugtraq@securityfocus.com
Message-ID: <20011123150711.B2042@ringworld.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011122030940.19101.qmail@tsunami.stormhosting.com>
> All versions of Netscape Mail that the GOBBLES researchers tested seemed
> to be vulnerable to this attack.
I believe this was reported to Mozilla's bugzilla eons ago and Is *not*
leaking information (tested with 0.9.5)
I think it was fixed somewhere back in the milestones. Thus, the
current release of netscape mail doesn't have this issue, I think. I'm
guessing you were working with 4.7x? or one of the old 6.x beta/preview
releases?
Thanks
--
Scott Dier <dieman@ringworld.org> <sdier@debian.org>
http://www.ringworld.org/ #linuxos@irc.openprojects.net
So I ran up to him, and the exchange went something like this:
Me: Oh my god! You're Larry Niven!
Him: Oh my god! You're Wil Wheaton!
-Wil Wheaton, in a Slashdot interview
