Bugtraq mailing list archives

Netscape 4 DoS/Possibly exploitable buffer overflow.

From: laslo () CPOL COM (Laslo Orto)
Date: Mon, 12 Jan 1998 16:23:34 -0500


I've never seen this posted/discussed anywhere before, so here it goes.

Netscape (version verified is 4.03) has a buffer overflow bug in their
bookmarks code. When somebody goes to a web page with a very long title
(6-8k) and then s/he bookmarks the page, netscape will start crashing at
loading bookmark.htm on startup. It's similar to the IE4 bug discovered
not long ago, but here you have to get the victim to bookmark the attackers
page.


Laslo Orto                              Computer Pages / Better.Net
Systems Administrator                   253 Sheppard Ave. West
laslo () cpol com / laslo () Better net       Toronto, Canada M2N 1N2
www.cpol.com / www.better.net           Ph: +1 416 225 3030
                                        Fax: +1 416 225 6737

Current thread:

Re: hole in sudo for MP-RAS., (continued)
- - - Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
    - Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
    - Re: hole in sudo for MP-RAS. Cy Schubert - ITSD Open Systems Group (Jan 12)
    - Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
    - Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 13)
    - Re: hole in sudo for MP-RAS. dsiebert () ICAEN UIOWA EDU (Jan 12)
    - Re: hole in sudo for MP-RAS. Todd C. Miller (Jan 12)
    - CPSN 9:971208: Solaris /var Permission Problems CPIO Advisory Role Account (Jan 12)
  - update on Solaris 2.6 security logging Ruth Milner [VLA] (Jan 12)
  - Q179129: STOP 0x0000000A Due to Modified Teardrop Attack Aleph One (Jan 12)
  - Netscape 4 DoS/Possibly exploitable buffer overflow. Laslo Orto (Jan 12)
- Addendum to FrontPage password issue joey () CORINNE CPIO ORG (Jan 09)