Bugtraq mailing list archives

buffer overflow vulnerability in netscape 3.0 to 4.5

From: pb () INSECURITY NET (Paul Boehm)
Date: Fri, 23 Oct 1998 19:31:30 +0200


Today news.com reported about a buffer overflow vulnerability in netscape3-4.5
found by Dan Brumleve <nothing () shout net>.

Read the whole story on http://www.news.com/News/Item/0,4,27856,00.html?owv

a sample exploit for linux netscape has been published by Dan Brumleve
on his webpage: http://www.shout.net/~nothing/buffer-overflow-1/index.html

Netscape is working on a patch.

happy webbrowsing :),

  paul

--
.----------------------------------------------------------------------.
| mail: pb () insecurity net   :: url: http://paul.boehm.org               |
| irc:  infected            :: pgp: finger pb () insecurity net | pgp -fka |
 \.....Linux is like a wigwam - no windows, no gates, apache inside..../

Current thread:

13 tiny bytes to show the huge sillyness of our great common bt398 (Oct 21)
- Re: 13 tiny bytes to show the huge sillyness of our great common Tero Pelander (Oct 22)
- bof in sdtcm_convert (Solaris 2.5) Joel Eriksson (Oct 23)
- buffer overflow vulnerability in netscape 3.0 to 4.5 Paul Boehm (Oct 23)
  - Re: buffer overflow vulnerability in netscape 3.0 to 4.5 Paul Boehm (Oct 23)