Bugtraq mailing list archives
Netscape 4.x buffer overflow
From: mbreuer () SIAC COM (Michael Breuer)
Date: Fri, 15 Oct 1999 09:21:13 -0400
I have found a buffer overflow in Netscape Communicator probably affecting all versions. The problem occurs when Communicator attempts to validate any key where the key length is > 2k. I have tested this on 4.61 and 4.7, unix (Irix) and Windows. Netscape has been notified of the problem and expect a fix for 4.8. As the problem manifests during the check of the key, any portion of the key chain which has a key > 2k triggers the problem. Thus, the potential for widespread DoS attacks via email. I suspect, but have not pursued, the possibility of exploiting the overflow to execute arbitrary code. -- Michael Breuer mbreuer () siac com
Current thread:
- PAM applications running as root (Was Re: WebTrends Enterprise Reporting Server) Darren Moffat (Oct 14)
- Re: PAM applications running as root (Was Re: WebTrends Enterprise Alan Cox (Oct 15)
- OpenLink 3.2 Advisory Tymm Twillman (Oct 15)
- execve bug linux-2.2.12 ben () VALINUX COM (Oct 15)
- Netscape 4.x buffer overflow Michael Breuer (Oct 15)
- Netscape 4.x buffer overflow Max Vision (Oct 18)
- Re: execve bug linux-2.2.12 Perly (Oct 15)
- Re: execve bug linux-2.2.12 visi0n (Oct 15)
- Re: execve bug linux-2.2.12 Alan Cox (Oct 16)
- Re: execve bug linux-2.2.12 ben () VALINUX COM (Oct 16)
- Re: execve bug linux-2.2.12 Matt Chapman (Oct 18)
- Re: execve bug linux-2.2.12 Taneli Huuskonen (Oct 19)
- Re: execve bug linux-2.2.12 Alan Cox (Oct 20)
- Microsoft Security Bulletin (MS99-044) Aleph One (Oct 20)
- Re: execve bug linux-2.2.12 Timo Felbinger (Oct 20)
- Netscape 4.x buffer overflow Michael Breuer (Oct 15)