Information security centric blog. Covering administrative, technical and governance security issues. Topics include compliance, microsoft windows, apple osx, solaris, unix and linux technical how-to. Discussions regarding penetration testing, security assessments, and security controls. Opinions related to PCI-DSS, NERC, FERC ISO27000 and other compliance related themes.
Some new research published by Robert Hansen (aka RSnake) released a new paper on June 8th describing vulnerabilities associated with the way that browsers use caching and this can be abused when a client accesses content on different networks with matching internal non-routable IP addressing schemes.
The paper provides a description of the limitations of the attacks and the specific conditions which would make it possible. It would be prudent to review the paper and see if this applies to you.