X-RDate: Wed, 14 Jan 1998 11:36:40 +0500 (ESK)
Date: Mon, 12 Jan 1998 16:23:34 -0500
From: Laslo Orto <laslo@CPOL.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Netscape 4 DoS/Possibly exploitable buffer overflow.
I've never seen this posted/discussed anywhere before, so here it goes.
Netscape (version verified is 4.03) has a buffer overflow bug in their
bookmarks code. When somebody goes to a web page with a very long title
(6-8k) and then s/he bookmarks the page, netscape will start crashing at
loading bookmark.htm on startup. It's similar to the IE4 bug discovered
not long ago, but here you have to get the victim to bookmark the attackers
page.
Laslo Orto Computer Pages / Better.Net
Systems Administrator 253 Sheppard Ave. West
laslo@cpol.com / laslo@Better.net Toronto, Canada M2N 1N2
www.cpol.com / www.better.net Ph: +1 416 225 3030
Fax: +1 416 225 6737