January 30, 2002
Netscape Browser Vulnerable to Cookie Theft
A flaw was recently discovered in Netscape 6 through 6.2 versions of the Netscape browser. The vulnerability could enable an attacker to potentially gain access to the user's authentication credentials stored in a cookie. With access to these credentials, an attacker may masquerade as an authorized user and execute transactions with the same privileges as the authorized user.
Netscape reports that there are no known instances of this flaw being exploited.
This issue does not affect users of Netscape 6.2.1, which is currently available for download, nor does it effect users of Netscape Communicator 4.x versions. Netscape users of versions 6 through 6.2 should upgrade to the recently released Netscape 6.2.1 browser.
Previous Tech Alerts:
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed
Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.