At 06:15 AM 7/9/2003, Phil Pennock wrote:
The problem with these is when there are security holes in image rendering libraries (e.g., versions of Netscape with custom handlers for extended information in GIF files). If you state the system architecture then it's relatively trivial to use the User-Agent field on the server-side to select the image with the correct shell-code to exploit your system.
Hmm, I hadn't thought of that one. There are a couple of discussions linked to from the Mozilla page I mentioned, but they're mainly focused on things like revealing the OS version to make follow-up hacking attempts easier. However, it seems to me that it would be just as trivial to put several malicious images on a single page, each targeting a different system. It's not as if multiple images on a page - or even multiple broken images - would raise much suspicion.
open source means I get to run stuff how I like it; everyone gets what they want (as long as they can make trivial hacks) so everyone's happy.
Agreed!

Kelson Vibber
www.hyperborea.org