× Few antiviral products inadequately detect 3proxy as Trojan.Daemonize, Backdoor.Daemonize, etc and many detect 3proxy as a PUA (potentially unwanted program). It may cause browser warning on download page. 3proxy is not trojan or backdoor and contains no functionality except described in documentation. Clear explanation of this fact is given, for example, in Microsoft's article.

Author                  : 3APA3A <[email protected]>
Affected software       : Netscape 4.7x All Platforms
Vendor                  : Netscape (IPlanet)
Risk                    : Low
Remotely Exploitable    : Yes
Released                : 30 May 2001
Vendor URL              : http://www.netscape.com
SECURITY.NNOV advisories: http://www.security.nnov.ru/advisories


Netscape  Messanger  uses  internal  protocol  called  mailbox://. The
format of mailbox URI is
this  URI  contains full path to user's mailbox which usually contains
user's  login  name  and  in case of Windows 9x - the path to Netscape


It's  possible  to  retrieve mailbox:// URI of the message. E.g., it's
possible to retrieve mailbox location, user's system login and in some
cases path to Netscape installation.


When  link  invoked  from  message,  Netscape sets "document.referrer"
property  to URI of the message contained this link. Javascript on the
target  page  is  able  to  retrieve  this property and pass it to any
location together with IP of calling machine.


The simple message below forces Netscape Messanger to open new window.
Target  page  will  display your IP and document.refferer. If you read
this  message  with  Netscape  Messanger  you can simply click http://
reference below.
From: 3APA3A
To: 3APA3A
Subject: Test your Netscape
Content-Type: text/html



Netscape was contacted May, 30 2001 via
No feedback were given.