[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: YET ANOTHER BAD NETSCAPE HOLE!

To: [email protected] (Cypherpunks Mailing List)
Subject: Re: YET ANOTHER BAD NETSCAPE HOLE!
From: [email protected] (Futplex)
Date: Fri, 22 Sep 1995 04:50:09 -0400 (EDT)
In-Reply-To: <[email protected]> from "Ray Cromwell" at Sep 22, 95 04:30:03 am
Reply-To: [email protected] (Cypherpunks Mailing List)
Sender: [email protected]

Ray Cromwell writes:
> WOW!! Unbelievable! Stop the presses! I Can't believe no one ever discovered
> this before! Try a page with the following URL
> 
> <a href="mailto:[email protected]|xterm&"> test </a>
> 
> Muahaha! Yet another security hole! Clicking on this mailto brings up
> an xterm on my machine!  

This is curious, because Netscape 1.1N doesn't do this on my setup, unless I
misunderstand your description somehow. The full string including the pipe
and all come up in the To: field of the standard Netscape mailer window. At
that stage I see it as much less of a potential risk. I can't test what
happens if you actually try to send mail to such a trojan horse URL, because
there's some screwy configuration here that makes Netscape complain about
not being able to connect to localhost (!?!) when I try to send mail from it.

Mosaic 2.4 gives a standard warning page in response to this.

(I'm using SunOS 4.1.2)

-Futplex <[email protected]>

Follow-Ups:
- Re: YET ANOTHER BAD NETSCAPE HOLE!
  - From: [email protected] (Rainer Heesen)

References:
- YET ANOTHER BAD NETSCAPE HOLE!
  - From: Ray Cromwell <[email protected]>

Prev by Date: Re: YET ANOTHER BAD NETSCAPE HOLE!
Next by Date: Re: The Next Hack
Prev by thread: Re: YET ANOTHER BAD NETSCAPE HOLE!
Next by thread: Re: YET ANOTHER BAD NETSCAPE HOLE!
Index(es):
- Date
- Thread