Netscape Clarifies Cookie Bug

Netscape Communications Corp. says a
browser bug reported by the operator of a consumer information Web site
isn’t a bug after all.

Russ Smith, owner of
said earlier this week his server logs were exposing cookie information
from his site’s visitors, including passwords and logins from other Web sites.

Web sites routinely use cookies to store user names and passwords so users
don’t have to manually log in to Web sites they frequently visit.

Netscape said the problem was caused by corrupted cookie files and not any
problem with the browser or Web server software. Netscape said the cookie
files Smith supplied are missing a carriage return command at the end of
some entries, causing the Web server to keep reading the file after the
point where it would normally stop.

Netscape said the problem was rare and stressed users could take
precautions against cookie corruption, including shutting down the
operating system before turning off their computers. Users also have the
option of turning off cookies in their browser preferences.

News Around the Web