Re: WWW Security Hole

Martin Hamilton (M.T.Hamilton@lut.ac.uk)
Thu, 12 Aug 1993 18:10:52 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bob Stayton: "Re: WWWWW Notes"
Previous message: Tony Sanders: "Re: H1 semantics"
In reply to: Marc VanHeyningen: "WWW Security Hole"
Next in thread: George Phillips: "WWW Security Hole"

Marc VanHeyningen said:

> - Is plain gopher sans WWW vulnerable to this same problem? Do they
> know about it? If not, telling them (and also CERT) would be a good idea.

I've just verified this myself. Oops!!

Idea:

How about patching clients so they have a list of "dodgy ports",
like SMTP, and ask the user whether to carry on if they get given
a URL that points to one?

Next message: Bob Stayton: "Re: WWWWW Notes"
Previous message: Tony Sanders: "Re: H1 semantics"
In reply to: Marc VanHeyningen: "WWW Security Hole"
Next in thread: George Phillips: "WWW Security Hole"