[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Please send cash
> > While HotJava prevents applets from actively opening connections that
> > violate the user-selected security policy, it allows an applet to accept
> > connections from anywhere. At this point, an applet only has to use any one
> > of a number of channels to communicate where it is, and have the remote end
> > do the active open.
> What if I start a Java applet then send it a faked TCP/IP packet from another
> host? Can I hotwire an outgoing connection that appears to be from the victim
I think so.
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236