Bugtraq mailing list archives
Re: Ray Cromwell: Another Netscape Bug (and possible security
From: neil () legless demon co uk (Neil Woods)
Date: Thu, 28 Sep 1995 04:24:06 +0100
On my BSDI2.0 machine running Netscape 1.1N, this causes a segmentation fault and subsequent coredump. GDB reports nothing useable (stripped executable)I cannot reproduce this bug on the following platforms: Solaris 2.5 beta/Netscape 1.1NI've reproduced it fine under sol2.4 1.1N. The page I tested from is http://www.aloha.net/~newsham/test.html. Simply click on the long test url and core dump. (You can view source before clicking to see what you are clicking on if you dont trust me :)Howard Owen hbo () octel com Octel Communications Corporation 1024/DC671C31 =
Ive tried this url, it does indeed core dump. Just had a quick look at the core. From first impressions, it's a global overwrite. Therefore we're not overwriting a flushed stack frame, so a syslog(3) style exploit is impossible. Global overwrites can be exploited, but due to the scenario we're looking at, I'd consider exploit chances to be very low indeed. Cheers, Neil -- Let the Mystery Be, So Watcha Want, Longing In Their Hearts, Hate My Way, M-Bike, Safari, Uncle June and Aunt Kiyoti, Daisy Dead Petals, Tuff Gnarl. ...like a badger with an afro throwing sparklers at the Pope...
Current thread:
- Ray Cromwell: Another Netscape Bug (and possible security hole) Perry E. Metzger (Sep 22)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Howard B Owen (Sep 22)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Jim Wright (Sep 22)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Howard B Owen (Sep 29)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Timothy Newsham (Sep 25)
- livingston.. *Hobbit* (Sep 26)
- Re: livingston.. Julian Assange (Sep 29)
- cisco enable passwords (was: Re: livingston.. ) David Carrel (Sep 29)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Jim Wright (Sep 22)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Neil Woods (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Neil Woods (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Howard B Owen (Sep 22)