Another security hole exposed - this time in Navigator. Apparently, the way Navigator validates SSL sessions is not totally secure. It's not generally as bad as the IE cookie problem, but it's a problem nonetheless (and possibly it's worse in a very circumscribed set of circumstances.) It's not as bad becasue a) it is very difficult to exploit this problem and b) the problem is already fixed in the latest 4.73 version of Navigator. If you use Netscape (especially when making secure e-commerce connections over https:,) go download the latest version!
- jim 5-13-2000 3:53 pm
back to Jim Bassett's Weblog



add a comment to this page:

Your post will be captioned "posted by anonymous,"
or you may enter a guest username below:


Line breaks work. HTML tags will be stripped.


[home] [subscribe] [login]