The OpenNET Project / Index page
BSD, Linux, Cisco, Web, Palm, other unix
RUSSIAN version

Search
Новость: Новая программа: suspend - патчи для реализации "Suspend to disk" в Linux
SOFT - Unix Software catalog
LINKS - Unix resources
TOPIC - Articles from usenet
DOCUMENTATION - Unix guides
News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

Accept overflow on Netscape Enterprise Server 3.6 SP2


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Mon, 13 Sep 1999 00:17:46 +0900
From: Nobuo Miwa <n-miwa@LAC.CO.JP>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Accept overflow on Netscape Enterprise Server 3.6 SP2

Hi,

I found a vulnerability in "Enterprise 3.6 SP 2 SSL Handshake fix"..
I sent a malformed URL to the server and its service was dead.

Its URL is following...

  GET / HTTP/1.0
  Accept: aaaaaaaaaaaaaa...2000byte/gif

Ofcourse you must be able to execute small code you like with
"long Accept" command(just like htr problem on IIS).

I've reported this to Netscape on 31st Aug. They've just
finished making the patch(maybe SP3). It must be released soon.
I'm gonna post this to BUGTRAQ after they release the patch, but
someone posted it to some other mailing lists. So I decided
to post it to here today.

Thanks,
Nobuo Miwa(Moderator of BUGTRAQ-JP)

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Закладки
Добавить в закладки
Created 1996-2003 by Maxim Chirkov  
ДобавитьРекламаВебмастеруЦУПГИД  
SpyLOG TopList
RB2 Network. RB2 Network.