[16110] in bugtraq
Re: Dangerous Java/Netscape Security Hole
daemon@ATHENA.MIT.EDU (tkuiper@TOBIT.COM)
Mon Aug 7 13:26:35 2000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7Bit
Message-ID: <001DEF19.398E67ED@mail.tobit.com>
Date: Mon, 7 Aug 2000 07:40:30 UT
Reply-To: tkuiper@TOBIT.COM
From: tkuiper@TOBIT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
which versions are affected, even Netscape 6 PRE?
Best Regards,
Thomas
-------- Original Message --------
Subject: Dangerous Java/Netscape Security Hole (07-Aug-2000 9:35)
From: dan=security@BRUMLEVE.COM
To: tkuiper@TOBIT.COM
Dear BugTraq,
I've found some security holes in Java and Netscape
that allow arbitrary network access and read-access
for local files and directories. As a demonstration
I've written Brown Orifice HTTPD, a web server and file
sharing tool that runs in Netscape Communicator on all
tested platforms. For more information, see:
http://www.brumleve.com/BrownOrifice
Thomas Kuiper | tkuiper@tobit.com | www.tobit.com __
Core Development | ICQ #8345483 | /__/\
Tobit Software | PGP Key on Request | ask your server. \__\/
To: dan=security@BRUMLEVE.COM
BUGTRAQ@SECURITYFOCUS.COM
