Paketname
netscape
Datum
2000-08-10
Advisory ID
MDKSA-2000:033
Betroffene Versionen
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problembeschreibung

There exists a problem in all versions of Netscape with Java enabled. Under certain conditions, Netscape can be turned into a server that serves files on your local hard drive that Netscape has read access to and remote people can access it by connecting their web client to port 8080 on your machine if they know the IP address. For a demonstration of this vulnerability visit http://www.brumleve.com/BrownOrifice/. Linux-Mandrake recommends you disable Java to make Netscape invulnerable to this exploit. You can disable Java by hand in Edit -> Preferences -> Advanced. You can also remove the preferences.js file by using: rm -f ~/.netscape/preferences.js

Aktualisierte Pakete

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na