  • Subject: SECURITY ALERT: ALL NETSCAPE BROWSER USERS!
  • From: "Al Barsa, Jr." <barsa2@xxxxxxx>
  • Date: Tue, 08 Aug 2000 11:07:30 -0400

I received the following note, and thought you would find it interesting.

Al

SECURITY ALERT: ALL NETSCAPE BROWSER USERS!
by Craig Stevens, EE
http://www.suttondesigns.com
http://www.egroups.com/group/netsavers-newsletter/
------------------------------------------------------------
Contents:
1) Netscape Users Affected by Security Hole
2) Netscape Flaw Displays Hard Drive
3) Enigma Browser 2.0 NOT AFFECTED by Brown Orifice
Home Page and Search! http://www.suttondesigns.com/engine.htm
------------------------------------------------------------
The Netsavers Software Newsletter can continue to be free
ONLY if its high quality membership continues to increase.
Please help me to keep this Newsletter free, by telling
(5) friends about it.
Thank you! --Craig Stevens
------------------------------------------------------------
Send this Newsletter to a friend!
They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.
netsavers-newsletter-subscribe@egroups.com
------------------------------------------------------------
1) Netscape Users Affected by Security Hole
------------------------------------------------------------
WASHINGTON (AP)
Security experts were warning Internet users Monday about a security
hole in Netscape's Web browser that has already infected almost 1,000
computers.
Once a computer is infected, a hacker can click through the victim's
computer and see, run and delete files on the target computer. The
method, dubbed ``Brown Orifice'' in a reference to the popular hacker
tool BackOrifice, has been making the rounds of computer security
mailing lists and bulletin boards over the weekend.
Netscape has not yet made a remedy available, but is working on the
problem.
``Netscape takes all security issues very seriously,'' said Netscape
spokesman Andrew Weinstein, ``We're working to quickly evaluate and
address this concern.''
The person who posted the code, who identified himself as Dan
Brumleve, also posted a sample bit of computer code on his Web site
that can be modified for more malicious purposes and a list of some
of the users who have been infected.
This list is being used by other hackers, said computer security
expert Chris Rouland of Internet Security Systems, making those
infected computers open to anyone who wants to click through their
wide-open hard drives.
``As of (Monday) morning,'' Rouland said, ``965 people have it
loaded.''
It's common practice to make dangerous code public, so that security
professionals can better prepare themselves to defend against the
code. ISS said that information about the security hole had also
appeared on several popular Web sites such as Slashdot, an online
community of users of the Linux operating system.
``It can be assumed that knowledge of the exploit, its source code,
and variations are widespread,'' ISS said in a press release.
However, there is still no remedy available from Netscape. Atlanta-
based ISS, which analyzed the security hole, advises Netscape users
to disable the Java programming language in their browser. Netscape,
owned by America Online, suggested the same temporary workaround.
Both ISS and Netscape officials noted that business users, because
they're protected by the company's network firewall, are not
vulnerable.
Rouland said Brown Orifice is especially dangerous because it's easy
to modify, and can be changed into a self-copying virus form -- as
opposed to the current infection method, where a victim visits a Web
site that includes the malicious code.
``The bar's been lowered for any script-kiddie to modify this code
and make it even more malicious,'' Rouland said.
Netscape Communicator versions 4.74 and earlier are affected, Rouland
said. Microsoft Internet Explorer users and users of the Mozilla pre-
release version of the new Netscape browser 6.0 are not vulnerable to
this problem.
Rouland noted that Microsoft users who have switched to Netscape -- a
company whose history includes the earliest Web browsers -- after the
recent stream of Microsoft-related security holes in Internet
Explorer and the Outlook and Outlook Express e-mail programs are
finding that no computer programs are without problems.
Also on Monday, another security expert pointed out a security hole
in Microsoft's Word and Excel products that can let a hacker take
over the victim's computer. Microsoft officials said they are working
on the issue.
``The vendor-changing strategy obviously doesn't work,'' he said.
``Security coding practices are being ignored by even one of the
Internet's oldest companies.''
------------------------------------------------------------
2) Netscape Flaw Displays Hard Drive
------------------------------------------------------------
Bob Sullivan, MSNBC
Aug. 7 — A flaw in Netscape Communications' Web browser could allow a
malicious programmer to view the contents of a victim's computer over
the Internet. The flaw is rather straightforward — programmers can
tell a Java applet included in the browser to display a directory of
what's on the victim's hard drive. Victims must visit a Web page that
has been designed with the malicious code to be vulnerable.
THE VULNERABILITY WAS DISCOVERED recently by a security expert and
posted to the BugTraq mailing list Friday night. In his message, Dan
Brumleve released an example of the vulnerability and called it Brown
Orifice, an allusion to the infamous computer vandal tool Back
Orifice.
But "Brown Orifice" only allows computer vandals to view and read a
victim's files; Back Orifice allows an intruder to actually take
complete control of a victim's computer remotely.
However, security expert Chris Rouland thinks the Netscape flaw may
be a more serious problem than Back Orifice.
"With Back Orifice, people had to do something to infect themselves.
With this, everyone who uses Netscape has this problem," he said.
A spokesperson for Netscape confirmed the company was looking into
the flaw.
"We are working to quickly evaluate and address this concern. If the
reports are accurate, we plan to make a patch available. In the
interim, users can protect themselves by simply turning off Java."
Netscape users select edit, then preferences, then advanced options,
and then uncheck enable Java and enable Javascript.
The flaw affects most versions of Netscape, including Linux and
Windows versions. The problem lies in four Java components which can
be tricked to turn a standard PC into a Web server, and then allow
that Web server to display the contents of its hard drive.
"I'm surprised [the problem] is still in there," Brumleve, 22,
said. "It's kind of obvious, really."
The second half of the flaw involves two parts of Java
called "Netscape.Net.URLInputStream,"
and "Netscape.Net.URLConnection." They are designed to allow
programmers to display Web pages within the browser — but Brumleve
discovered the applets can just as easily be told to display local
files instead.
On Brumleve's demonstration page, he offers visitors a chance to see
the vulnerability in action by volunteering to submit their computers
to it. Hundreds have apparently taken him up on the offer, as there
are many links to computers that have allegedly been accessed using
this method, starting at midday on Sunday. But none of the links
worked when visited at midday Monday.
There are a number of vulnerabilities that allow some kind of
malicious access to a victim's computer through a specially crafted
Web page; none has become a widespread problem rising to the level of
a computer virus, which can spread on its own.
Still, Elias Levy, who administers the BugTraq list, described the
bug as "somewhat powerful" and potentially dangerous.
"In this day and age the line between Web pages and e-mails is
blurring," he said. "You can run a Web page from the preview pane in
Microsoft Outlook, for example."
------------------------------------------------------------
3) Enigma Browser 2.0 NOT AFFECTED by Brown Orifice
-----------------------------------------------------------
Like the previous version, the NEW Enigma Browser 2.0 utilizes the
underlying Windows operating system and extensions, but does not
require that any other browser be installed. The Enigma Browser 2.0
is also NOT AFFECTED by Brown Orifice, even though the Enigma Browser
2.0 does Javascript and frames.
Designed for Windows 95/98, Enigma Browser 2.0 doubles as a full
screen file viewer. No Spyware, Adware, Nags. And yes, it is
completely free!
New with this version:
======================
1) Automatic full screen adjustment at different monitor resolutions.
2) Enigma Browser now has a full width URL window with session
history (history is automatically erased with closing of
session).
3) Enigma Browser now Minimizes to taskbar.
4) Multiple Enigma Browser launches now supported.
5) Enigma Browser now supports full width and height scrolling.
6) Enigma Browser kernel is only 16 kb, retaining small memory usage
and fast loading benefits.
7) Enigma Browser is FREE and has NO Spyware or Adware!
• Download Enigma Browser 2.0 Here:
http://www.suttondesigns.com/EnigmaBrowser/index.html
------------------------------------------------------------
To Unsubscribe: send a BLANK letter to:
netsavers-newsletter-unsubscribe@egroups.com


Craig Stevens, EE
http://www.suttondesigns.com/NetsaversCenter/index3.html


http://www.egroups.com/group/netsavers-newsletter/



+--------------------------------------------------+
| Please do not send private mail to this address. |
| Private mail should go to barsa@ibm.net.         |
+--------------------------------------------------+

Al Barsa, Jr. - Account for Midrange-L
Barsa Consulting, LLC.  
400 > 390

Phone:          914-251-1234
Fax:            914-251-9406
http://www.barsaconsulting.com
http://www.taatool.com
