Skip to content
Tips for Tech

Tech Alert Briefing for 1/30/2002



Netscape Browser Vulnerable to Cookie Theft
Web sites use cookies to store user information and possibly authentication credentials used for session management making it easier for users to to move efficiently across the Internet without having to remember usernames and passwords to sites they visit. While cookies allow a great many benefits, users must remain vigiliant to potential vulnerabilities that could comprise security.

A flaw was recently discovered in Netscape 6 through 6.2 versions of the Netscape browser. Thevulnerability could enable an attacker to potentially gain access to the user's authentication credentials stored in a cookie. With access to these credentials, an attacker may masquerade as an authorized user and execute transactions with the same privileges as the authorized user.Netscape reports that there are no known instances of this flaw being exploited.

This issue does not affect users of Netscape 6.2.1, which is currently available for download, nor does it effect users of Netscape Communicator 4.x versions. Netscape users of versions 6 through 6.2 should upgrade to the recently released Netscape 6.2.1 browser.

Previous Tech Alerts:
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed

First published on 01/29/2002

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Search Briefings

Briefing Archives