The OpenNET Project / Index page
BSD, Linux, Cisco, Web, Palm, other unix
RUSSIAN version

Search
Выпущена CD-версия OpenNet.RU для оффлайн просмотра.
Для формирования заказа - перейдите по ссылке
.
SOFT - Unix Software catalog
LINKS - Unix resources
TOPIC - Articles from usenet
DOCUMENTATION - Unix guides
News | Tips | MAN | Forum | BUGs | LastSoft | Keywords | BOOKS (selected) | Linux HowTo | FAQ Archive

Netscape 4 DoS/Possibly exploitable buffer overflow.


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
X-RDate: Wed, 14 Jan 1998 11:36:40 +0500 (ESK)
Date: Mon, 12 Jan 1998 16:23:34 -0500
From: Laslo Orto <laslo@CPOL.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Netscape 4 DoS/Possibly exploitable buffer overflow.

I've never seen this posted/discussed anywhere before, so here it goes.

Netscape (version verified is 4.03) has a buffer overflow bug in their
bookmarks code. When somebody goes to a web page with a very long title
(6-8k) and then s/he bookmarks the page, netscape will start crashing at
loading bookmark.htm on startup. It's similar to the IE4 bug discovered
not long ago, but here you have to get the victim to bookmark the attackers
page.


Laslo Orto                              Computer Pages / Better.Net
Systems Administrator                   253 Sheppard Ave. West
laslo@cpol.com / laslo@Better.net       Toronto, Canada M2N 1N2
www.cpol.com / www.better.net           Ph: +1 416 225 3030
                                        Fax: +1 416 225 6737

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Закладки
Добавить в закладки
Created 1996-2003 by Maxim Chirkov  
ДобавитьРекламаВебмастеруЦУПГИД  
SpyLOG TopList