Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Netscape Communicator 4.51 allows sniffing of URLs from another

Netscape Communicator 4.51 allows sniffing of URLs from another

Georgi Guninski (joroNAT.BG)
Thu, 25 Mar 1999 20:07:52 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Charles M. Hannum: "Re: New OpenBSD security patches"
Previous message: bakuEXCITE.COM: "WUftp scanner"

There is a bug in Netscape Communicator 4.51,4.5/Win95, 4.08/WinNT
(probably others?),
which allows sniffing URLs from another window.
The exploit uses the ability to execute JavaScript code from specially
designed
URLs in the javascript console window, when an error is deliberately
invoked.

Demonstration and source is available at:
http://www.nat.bg/~joro/b11.html

(The exploit does not work if you are behind some versions of a squid
proxy.
If you do not see your URL in a message box, try reloading the main
page).

Workaround: Disable JavaScript.

Regards,
Georgi Guninski

Next message: Charles M. Hannum: "Re: New OpenBSD security patches"
Previous message: bakuEXCITE.COM: "WUftp scanner"