| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Real or bogus |
From: Gregg N
"Paul Ranson" wrote in news:422f20a5$1{at}w3.nls.net:
> It uses a Java applet to determine your local IP address. No Java, no
> address.
>
> The applet posts the local address back to the server, so now they
> know too.
>
> I don't see how exposing a local, but unreachable, IP address is a
> vulnerability. I also don't see any need for Java. Problem solved.
Yes, disabling Java appears to prevent my local IP from being sent to them.
I too don't immediately see any problem, but I wonder if this could be used
to escalate the severity of some other vulnerability.
Gregg
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.