[44694] in Cypherpunks
Re: Tricky Netscape Security Hole
daemon@ATHENA.MIT.EDU (Jeff Weinstein)
Tue Dec 5 03:23:08 1995
Date: Tue, 05 Dec 1995 00:12:21 -0800
From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Thaddeus Ozone, by way of carolann@censored.org Censored Girls Anonymous wrote:
>
> Yes it's full of headers, but it's the complete, unexpurgated version.
> If this theory is correct, this IS FAR WORSE THAN A 40 bit key.
>
> I saw the livescript on the source code.
> I use 1.22 for image stability right now, though.
>
> Yes it's a came from, a came from, a came from kinda deal,
> but in the interest of security brevity it "seems real enough" to me.
Didn't you see this discussed here last week? This is a bug in Beta 2.
It has since been fixed, and the now available Beta 3 of Netscape 2.0
has the fix.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
