 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
This came from the Mandrake security list. I can't demonstrate the vulnerability though, likely related to my firewall. Problem Description: There exists a problem in all versions of Netscape with Java enabled. Under certain conditions, Netscape can be turned into a server that serves files on your local hard drive that Netscape has read access to and remote people can access it by connecting their web client to port 8080 on your machine if they know the IP address. For a demonstration of this vulnerability visit http://www.brumleve.com/BrownOrifice/. ________________________________________________________________________ Linux-Mandrake recommends you disable Java to make Netscape invulnerable to this exploit. You can disable Java by hand in Edit -> Preferences -> Advanced. You can also remove the preferences.js file by using: rm -f ~/.netscape/preferences.js _ -- .david David Lapointe "Hokey religions and ancient weapons are no match for a good blaster at your side, kid," - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
