Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: Netscape Communicator window spoofing bug

Re: Netscape Communicator window spoofing bug

Georgi Guninski (guninskiHOTMAIL.COM)
Tue, 23 Feb 1999 03:44:03 PST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Frank Miller: "Re: Frontpage extensions under Apache 1.3.4"
Previous message: Alistair Cunningham: "Re: Security hole: "zgv""
Maybe in reply to: Georgi Guninski: "Netscape Communicator window spoofing bug"

>
>Frames or not, this bug was discussed in some detail in the O'Reilly
>book _Web Security and Commerce_ by Garfinkel and Spafford.  Since its
>original publication date is June 1997, I think we can assume that this
>bug has been known for almost two years.

Excuse my ignorance, but I have not read that book.
Could you please be more specific for what you mean by "some detail"?
I would appreciate a quotation and/or example from that book concerning
window spoofing.
I am surprised why nobody alerted Netscape and the internet community if
the bug has been known for almost two years.
According to Netscape this is a new bug.

Regards,
Georgi Guninski

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Next message: Frank Miller: "Re: Frontpage extensions under Apache 1.3.4"
Previous message: Alistair Cunningham: "Re: Security hole: "zgv""
Maybe in reply to: Georgi Guninski: "Netscape Communicator window spoofing bug"