[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Netscape Bug Reproduced
Subject: Netscape privacy problem reproduced at EIFIST
Date: 6/16/97 5:34 PM
Netscape privacy problem:
Using information gleaned from the web site of the Danish company that
first reported the problem, Keith Woodard and Dave Humphrey at EIFIST
have built a web page which reproduces the privacy problem in Netscape
Navigator and Communicator web browsers. From that effort they have
developed a better understanding of how the Netscape bug works, and what
defensive measures users can take until a bugfix is available from
Netscape.
First, the problem is indeed read-only, and involves only files to which
the explicit path name is known. Second, all file systems accessible
from the Netscape user's system are reachable -- that means mapped
network drives as well as the local hard disk. Third, JavaScript can be
used by a web site to automate reading a user's file so that it is
invisible to the user. However, the bug does not involve use of Java at
all.
The demo website can be visited at the following URL:
http://eifist.frb.org/hacker/fileupload.html
Please urge all Internet web users to take the following interim steps until a
permanent fix is available from Netscape:
* In Navigator 3.x and 2.x, go to the Options menu and select Security
Preferences. Select the "Submitting a Form Insecurely" preference to
enable that warning dialog box. This will generate a warning box
whenever a site tries to upload a form, giving the user a chance to
decide whether to allow it.
* Also, in Navigator 3.x and 2.x, go to the Options menu and select
Network Preferences. Turn OFF the "Enable JavaScript" preference.
This will block execution of JavaScript code which might try to
perform an invisible file upload, while permitting display of the
rest of the page.
These measures are temporary until a full bug fix is made
available by Netscape and proven against the EIFIST demo page.
Regards