From: Aleph One <aleph1@dfw.net>
Date: Wed, 27 Sep 95 01:21:32 PDT
To: Alan Olsen <alano@teleport.com>
Subject: Re: [NOISE] Re: Easter Eggs
In-Reply-To: <199509261959.MAA28501@desiree.teleport.com>
Message-ID: <Pine.SUN.3.90.950927031557.2286A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain


Actually there is a limit of 20 cokies per web server.
I will have to check to see if there is a limit on the size of
the cookie. And no you dont need a Netscape server. Its just another
HTTP header. What about this: downloading a encoded picture
contating graphic description of sex with minors. Would the FBI go around 
checking peoples cookie files and busting them?

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 26 Sep 1995, Alan Olsen wrote:

> obNetscapeHack:  There is a feature called a "cookie file" in Netscape that
> is ripe for exploitation as a security leak.  If you are using a Netscape
> server (and you may not even need that), you can feed all sorts of
> information into it without the user's knowlege.  I have heard of one page
> that overloads the cookie file until the machine runs out of drive space.  I
> am sure that there are other exploitable holes there...  Any takers?