Netscape plugs cache security flaw

Netscape Communications has a fix for a potential security flaw in its Communicator software that leaves the URLs stored in the browser's cache exposed to the eyes of outsiders. If the URLs include private information such as credit-card data, that information is also available to others. The fix will be posted within the next few days and in the meantime, Netscape is recommending that customers clear their browser caches and then set the cache size to zero.

Netscape Communications has a fix for a potential security flaw in its Communicator software that leaves the URLs stored in the browser's cache vulnerable to the eyes of outsiders.

If the URLs include private information such as credit-card data, that information is also available to others.

Donna Sokolsky, a spokeswoman for the firm, said the problem was corrected Monday evening and that a fix would be posted within the next few days, after it was thoroughly tested. In the meantime, she recommended that customers clear their browser caches and then set the cache size to zero.

Computer consultant Dan Brumleve in Sunnyvale, Calif., said he discovered the flaw in Netscape Communicator 4.05 on August 23. He wrote a single CGI script, dubbed Cache-Cow, that exploits the security hole. Cache-Cow allows the user to view the URLs in someone else's browser cache.

"You can potentially get things like credit-card numbers and other private data that people have submitted through forms because those are also attached to the URL strings," Brumleve said. "Even if you accessed a site securely, it's not stored in an encrypted fashion on your hard drive, and your computer will give that information to whoever asks for it." All versions of Netscape browsers that support JavaScript are apparently susceptible, he added.

Brumleve offers a demonstration of Cache-Cow on his Web site, along with the following warning: "When you click this link, your browser will send its cached URLs to this HTTP server, which will then write them to a local file and return them back to you as evidence of its functionality. This is very bad for anyone who operates under the assumption that their Web browsing activities are private."

Sokolsky downplayed the security risk, however.

"The problem is not a security flaw -- it's really a potential privacy bug" that would let people read a directory of a cached file, she said. The problem doesn't allow someone to "view a user's hard drive, run any programs, see any passwords, files or plant a virus of any kind."

Join the newsletter!

Error: Please check your email address.
Show Comments
[]