[28365] in bugtraq
Re: Potential disclosure of sensitive information in Netscape 7.0
daemon@ATHENA.MIT.EDU (Markus Gaugusch)
Sat Jan 4 14:22:09 2003
Date: Sat, 4 Jan 2003 19:37:27 +0100 (CET)
From: Markus Gaugusch <markus@gaugusch.at>
To: bugtraq@securityfocus.com
In-Reply-To: <20030102234252.10882.qmail@hellokitty.com>
Message-ID: <Pine.LNX.4.44.0301041928460.907-100000@phoenix.kerstin.at>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Jan 2, Blud Clot <bludclot@hellokitty.com> wrote:
> I noticed this a while ago with netscape 4.x and those versions are
> still vulnerable as well. I've never checked 6.x.
I don't think this is a real vulnerability. The function says "delete" and
not "destroy". We all know, that data can be recovered after deletion.
The docs should be updated a little bit, but people who rely on the delete
features of their email client for security reasons can't be taken
seriously.
Markus Gaugusch
--
__________________ /"\
Markus Gaugusch \ / ASCII Ribbon Campaign
markus@gaugusch.at X Against HTML Mail
/ \
