Re: Apple Safari 1.1 (v100)

To: Austin Gilbert <austin@xxxxxxxxxxxxxxxxxx>
Subject: Re: Apple Safari 1.1 (v100)
From: Christian Horchert <chorchert@xxxxxxxxx>
Date: Wed, 19 Nov 2003 21:41:16 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <20031118172833.86096.qmail@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20031118172833.86096.qmail@xxxxxxxxxxxxxxxxxxxxxxx>

Hello Austin!

Am 18.11.2003 um 18:28 schrieb Austin Gilbert:

it appears that Apple's Safari is vulnerable to the
old Mozilla/IE cookie theft vulnerability outlined by
Marc Slemko
http://alive.znep.com/~marcs/security/mozillacookie/


This seems to even work if cookies are disabled.
Stupid, really!


  Christian

References:
- Apple Safari 1.1 (v100)
  - From: Austin Gilbert

Prev by Date: Re: OpenBSD kernel holes ...
Next by Date: [securitylab.ru & security.nnov] Kerio Winroute Firewall Xroxy problem
Previous by thread: Apple Safari 1.1 (v100)
Next by thread: Re: Apple Safari 1.1 (v100)
Index(es):
- Date
- Thread