You are here: silicon.com > Software > Security Strategy

Security Strategy

Son of Cache-Cow strikes back at Netscape

Printer Friendly Email Story RSS

By Sally Watson

Published: 9 October 1998 17:13 BST

Netscape's software upgrade designed to plug the security hole in its Navigator browser is also faulty according to Dan Brumleve, the consultant who discovered the first bug.

Netscape released Navigator 4.07 on Monday as a fix for security problems dubbed 'Cache-Cow' by Brumleve. The bug allowed a hacker to inject foreign JavaScript code into Web documents enabling them to steal the contents of a user's cache.

But Brumleve claims Netscape has failed to fix the problem properly, and has posted a JavaScript program on his Web site to prove the Cache-Cow problem still exists. He has also written other JavaScripts proving that the security flaw could allow a hacker to steal cookies or the contents of a surfer's local drive.

Netscape has posted a security update on its Web site confirming the hole in its latest release, and says it will post a fix as soon as possible.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Firefox update plugs cookie flaw

Adobe PDF flaw 'more serious than first thought'

OpenOffice patches trio of holes

Web developers pick holes in browser security

Netscape fights browser privacy bug

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…

Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...

Viacom vs Google: YouTube privacy fears

Google Talk finds a home on iPhone

ePassport upgrade scaled back

Barclays gives online users free security software

Probe into loss of 21,000 hospital patient details

Zittrain: Android holds the key to free future


  • Jobs
Front End Developer XHTML, CSS, Javascript, W3C

The successful candidate will need to: -Use information/interaction design skills to develop and document site structures, navigation flows, wire ...

DBA - SQL Server 2005 - London, South East

Set up and configure SQL Server Reporting Services and the SSRS plug-in for SharePoint. Set up alerting for failed jobs or any performance thresholds ...

Technical Lead (Technical Support) - Perl, PHP, Linux, JavaScript, SQL - London

Technical Lead (Technical Support) - Perl, PHP, Linux, JavaScript, SQL - London Job Purpose: The Technical Lead is responsible for supporting the ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

College classrooms go high-tech

Travis Perkins builds its tech future

Thin clients switch on digitally excluded

MSDN Webcast: Demystifying Office Business Applications for the Developer (Level...

Understanding SOA and Business Mashups: Automate. Coordinate. Collaborate. No coding...

Tips and Tricks for Office 2007

MSDN Webcast: Demystifying Office Business Applications for the Business Analyst...

Stories from the web...


Peter Cochrane's Video Blog: Power outrage

Business agility through flexible IT

What are you really saying?


London data centres hit by credit crunch

Ofcom: Mobile broadband driving interest in fibre

3G iPhone to storm enterprise world, says O2

MoD IT - late and over budget

Terrorists turning to tech, warns gov't




Quick Sitemap Links: