Bugtraq mailing list archives
Re: buffer overflow vulnerability in netscape 3.0 to 4.5
From: pb () INSECURITY NET (Paul Boehm)
Date: Fri, 23 Oct 1998 19:43:29 +0200
On Fri, Oct 23, 1998 at 07:31:30PM +0200, I wrote:
Netscape is working on a patch.
oh, and I almost forgot (in fact, i did): Netscape posted a workaround to their webpage that protects you against this specific overflow, but also prevents existing plugins from working. see: http://www.netscape.com/products/security/resources/bugs/mimebufferoverflow.html To quote their page, do the following to protect you: 1.In Communicator, select Preferences from the Edit menu. 2.In the Preferences dialog box, select the Navigator category. 3.Select Applications. 4.On the Description list, select the * entry and handled by Plug-in: Netscape Default. 5.Click on the Edit button. 6.Set Handled By to Unknown: PromptUser. 7.Restart Navigator or Communicator. bye, paul -- .----------------------------------------------------------------------. | mail: pb () insecurity net :: url: http://paul.boehm.org | | irc: infected :: pgp: finger pb () insecurity net | pgp -fka | \.....Linux is like a wigwam - no windows, no gates, apache inside..../
Current thread:
- 13 tiny bytes to show the huge sillyness of our great common bt398 (Oct 21)
- Re: 13 tiny bytes to show the huge sillyness of our great common Tero Pelander (Oct 22)
- bof in sdtcm_convert (Solaris 2.5) Joel Eriksson (Oct 23)
- buffer overflow vulnerability in netscape 3.0 to 4.5 Paul Boehm (Oct 23)
- Re: buffer overflow vulnerability in netscape 3.0 to 4.5 Paul Boehm (Oct 23)