Even the one(s) only accessable on the specified domain set in the cookie?
----- Original Message -----
From: Owens, Howard <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 16, 2000 6:45 PM
Subject: RE: "You have nice cookies .. mind if I have a look?"
>
> I went to the site and was able to search for any domain that has set
> cookies on my computer. The full Amazon cookie could be pulled up
> (thankfully, one-click is not enabled on this machine).
>
>
> H.
>
> =========================
> Howard Owens
> Web Producer
> InsideVC.com
> mailto:[EMAIL PROTECTED]
> =========================
>
> > -----Original Message-----
> > From: Todd Ashworth [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, May 16, 2000 3:36 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: "You have nice cookies .. mind if I have a look?"
> >
> > I'm not sure .. of course all the reports I've seen are going for shock
> > value and leaving the technical details usefull to the rest of us out.
> > You
> > could test it I suppose. You could set such a cookie on your computer
and
> > then go to the test site mentioned in the article and see if the exploit
> > can
> > find your cookie .. it gives you the option to type in a speciffic
domain
> > name to search for. It would be really kinda cool if it wasn't a
> > potential
> > hazard.
> >
> > BTW, Amazon and friends encrypt their cookies, from what I've heard.
> > Anyone
> > have any CF related info on doing the same?
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
