Bugtraq mailing list archives
Netscape 4 DoS/Possibly exploitable buffer overflow.
From: laslo () CPOL COM (Laslo Orto)
Date: Mon, 12 Jan 1998 16:23:34 -0500
I've never seen this posted/discussed anywhere before, so here it goes. Netscape (version verified is 4.03) has a buffer overflow bug in their bookmarks code. When somebody goes to a web page with a very long title (6-8k) and then s/he bookmarks the page, netscape will start crashing at loading bookmark.htm on startup. It's similar to the IE4 bug discovered not long ago, but here you have to get the victim to bookmark the attackers page. Laslo Orto Computer Pages / Better.Net Systems Administrator 253 Sheppard Ave. West laslo () cpol com / laslo () Better net Toronto, Canada M2N 1N2 www.cpol.com / www.better.net Ph: +1 416 225 3030 Fax: +1 416 225 6737
Current thread:
- Re: hole in sudo for MP-RAS., (continued)
- Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 13)
- Re: hole in sudo for MP-RAS. dsiebert () ICAEN UIOWA EDU (Jan 12)
- Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
- CPSN 9:971208: Solaris /var Permission Problems CPIO Advisory Role Account (Jan 12)