1995-12-05 - Re: Tricky Netscape Security Hole

Header Data

From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Message Hash: dfdbbf0ddd2637773f90c99b3db4c8f519e6f82f9adeb4d7bc64967be3dabe01
Message ID: <30C3FEE5.71C6@netscape.com>
Reply To: <199512050729.AAA28538@mailhost1.primenet.com>
UTC Datetime: 1995-12-05 08:16:13 UTC
Raw Date: Tue, 5 Dec 95 00:16:13 PST

Raw message

From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 5 Dec 95 00:16:13 PST
To: cypherpunks@toad.com
Subject: Re: Tricky Netscape Security Hole
In-Reply-To: <199512050729.AAA28538@mailhost1.primenet.com>
Message-ID: <30C3FEE5.71C6@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Thaddeus Ozone, by way of carolann@censored.org Censored Girls Anonymous wrote:
> 
> Yes it's full of headers, but it's the complete, unexpurgated version.
> If this theory is correct, this IS FAR WORSE THAN A 40 bit key.
> 
> I saw the livescript on the source code.
> I use 1.22 for image stability right now, though.
> 
> Yes it's a came from, a came from, a came from kinda deal,
> but in the interest of security brevity it "seems real enough" to me.

  Didn't you see this discussed here last week?  This is a bug in Beta 2.
It has since been fixed, and the now available Beta 3 of Netscape 2.0
has the fix.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





Thread