BANKING TECHNOLOGY ADVISORY: information security, Internet banking, bank technology, core processing, ACH processing, debit cards, smart card, check imaging, ATMs, EBPP

<a href="http://adserve.bankersonline.com/cgi-bin/advertpro/blink.fpl?region=2&slot=1" target="_top"><img src="http://adserve.bankersonline.com/cgi-bin/advertpro/bimg.fpl?region=2&slot=1&keyword=NULL" border="0"></a>


Site Map Our Sponsors Home

January 30, 2002

Print Friendly!

Email This Article!

<a href="http://adserve.bankersonline.com/cgi-bin/advertpro/blink.fpl?region=34&slot=1" target="_top"><img src="http://adserve.bankersonline.com/cgi-bin/advertpro/bimg.fpl?region=34&slot=1&keyword=NULL" border="0"></a>

NIST Virus Info
Top Threat List
McAfee Anti-Virus
F-Secure
Trend Micro
Wells' Wild List
Stiller Research
Tracking Map
Virus News
Virus Myths/Hoaxes

Netscape Browser Vulnerable to Cookie Theft
Web sites use cookies to store user information and possibly authentication credentials used for session management making it easier for users to to move efficiently across the Internet without having to remember usernames and passwords to sites they visit. While cookies allow a great many benefits, users must remain vigiliant to potential vulnerabilities that could comprise security.

A flaw was recently discovered in Netscape 6 through 6.2 versions of the Netscape browser. The vulnerability could enable an attacker to potentially gain access to the user's authentication credentials stored in a cookie. With access to these credentials, an attacker may masquerade as an authorized user and execute transactions with the same privileges as the authorized user. Netscape reports that there are no known instances of this flaw being exploited.

This issue does not affect users of Netscape 6.2.1, which is currently available for download, nor does it effect users of Netscape Communicator 4.x versions. Netscape users of versions 6 through 6.2 should upgrade to the recently released Netscape 6.2.1 browser.

Previous Tech Alerts:
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed

Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking

BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us

BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.