Print
Discuss
Send to friend
RSS feedsA serious and as yet unfixed bug in Netscape's Java distribution means that home computers are open to attack simply if users are unlucky enough to visit a website containing malicious code.
The problem has emerged following the posting on the internet of code, dubbed Brown Orifice by its developer Dan Brumleve, which exploits a vulnerability in AOL's Netscape Navigator browser to allow an attacker to view the contents of a user's hard drive.
As yet, Netscape has not made a patch available to address the vulnerability and security experts advise that the only effective interim defence against the problem is to turn off Java in Navigator.
All versions of Netscape Navigator and Netscape Communicator versions 4.74 and earlier are vulnerable when Java is enabled. The flaw is not platform specific and systems running Windows 2000, Windows NT and Linux are known to be vulnerable through demonstration, although it is believed that Apple Macintosh users might be immune.
Matt Tomlinson, business development director at MIS Corporate Defence, said the malicious Java code uses a hole in Netscape to allow an attacker to access a user's environment.
He said users on local area networks should be protected by their firewalls, which commonly scan for malicious code, but the implications for home users are potentially "extremely serious" because the code can be modified to perform other functions.
"We believe that this exploit goes beyond file sharing and would allow an attacker to read email or perform port scanning. Anything you do from your desktop might be possible using this malicious Java code," said Tomlinson.
Richard Stagg, senior security architect at Information Risk Management, said the problem is one of the few that affect Netscape Navigator and not Internet Explorer, and added that it is more serious for home users.
He explained this is because in a corporate environment most internet connections go through a proxy server, which would guard against the exploit - but domestic users have no such defence.
"Home users are in genuine danger of having their files ripped. The only security recommendation on this is to turn off Java - but then things stop working," said Stagg.
Netscape declined to comment on the problem.
To turn Java off in Netscape Navigator:
1) Select Edit, then Preferences
2) Click on Advanced, then un-check the box next to 'Enable Java'
See also:
The end of last week saw further exploitation of UK company websites by what is a recurring threat in the IT world - the hacker. Five companies were hacked last week, but not by bored 'script kiddies', or those who do it just for fun. Three of the hacks were executed by GForce, a group which aims to raise awareness of the Indian government's treatment of Kashmir nationals. 11 Aug 2000All Hacking
del.icio.us
Digg this
reddit!
