[Am-info] Netscape/Mozilla/Galeon Local File Detection Vulnerability
Fred A. Miller
fm@cupserv.org
Mon, 6 May 2002 16:45:14 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Netscape/Mozilla/Galeon Local File Detection Vulnerability
BugTraq ID: 4640
Remote: Yes
Date Published: Apr 30 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4640
Summary:
Mozilla is a freely available, open-source web browser. It runs on most
Linux and Unix variants, as well as MacOS and Microsoft Windows
9x/ME/NT/2000/XP operating systems. Netscape is another popular
web-browser product which runs on the same platforms as Mozilla. The
Galeon browser is available for various Linux distributions.
External Cascading Style-Sheets (CSS) may be embedded inside of HTML
files. This is accomplished using the <LINK> element. The security mode=
l
of the web client is designed to prevent links to other file types and
links to local files on the client's system from remote pages.
It has been demonstrated that it is possible for a webpage to circumvent
this security model by linking to the external file and causing a HTTP
redirect to occur. This could be exploited to detect the existence of a
file on the local system of the web client viewing the malicious page.
This could lead to a disclosure of sensitive information to remote
attackers.
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjzW61oACgkQB9vk4ichYXci9wCfdaJVIYwp3hS6YgXg8cDZcSKS
G5MAnizy+JXg7ldil3QXvrZg2V56eLkx
=3Du0wW
-----END PGP SIGNATURE-----