Vulnerability Development mailing list archives

Re: Potential overflow in Internet Explorer


From: Felipe Franciosi <franciozzy () TERRA COM BR>
Date: Tue, 6 Feb 2001 08:19:25 -0200

Now I've seen the segfault of IE on a WinNT 4.0 with
Internet Exploder 5.00.2919.6307.

And what about this Apache Forbidden message? Does anyone know what
that is about?

Best Regards,
Felipe


On Mon, 5 Feb 2001 14:40:22 -0800 , "Pascal Jobin" <pascal.jobin () gsig-net qc ca> wrote:

I got a forbidden message too from an Apache 1.3.12 server running under Red
Hat Linux 6.2 (Kernel 2.2.14-5.0).

I run Win2000 Advanced server with IE 5.5. IE 5.5 never crashes.

Pascal Jobin

----- Original Message -----
From: "Felipe Franciosi" <franciozzy () TERRA COM BR>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Monday, February 05, 2001 4:35 AM
Subject: Re: Potential overflow in Internet Explorer


Hi,

I've tried with different lengths of "a"s up to 1024 chars.
The IE did NOT crash, but when I used 1024 chars, I got a Forbidden
message from an Apache 1.3.17 running on a Linux Slackware 7.1 with
Kernel 2.2.18, instead of a 404.
I'm sure the URL doesn't exist because I run the machine. :-)

btw, the workstation is a win2k english professional edition with IE
version 5.00.2920.0000, cipher 56-bit.

[]'s Felipe

On Mon, 29 Jan 2001 20:12:20 -0800 , joetesta () HUSHMAIL COM wrote:

Hi all --


    While doing some testing on a web server, I discovered that Internet
Explorer crashes when the following URL is typed in the address bar:


        http://www.server.com/[a lot of 'A's]


Here is the resulting dump:


IEXPLORE caused an invalid page fault in
module <unknown> at 0000:41414141.
Registers:
EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246
EBX=00000000 SS=0187 ESP=0058568c EBP=41414141
ECX=0000002e DS=0187 ESI=01eef058 FS=581f
EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000
Bytes at CS:EIP:

Stack dump:
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141


    I am using version 5.50.4522.1800 on Win98 SE with all critical updates
installed.  I attempted to reproduce this crash on three other machines
without success.  Their version numbers were:

        5.00.2614.3500,
        5.50.4134.0100,
        5.50.4134.0600

    It seems as though this may be some sort of regression error,
bad mix of software, or both.  Can anyone else reproduce this?


        - Joe Testa  ( joetesta () hushmail com )


--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Felipe Franciosi
 franciozzy () corp terra com br         UIN - 33596050
 Suporte Nacional Terra Networks Brasil S.A.
 http://www.terra.com.br           Porto Alegre - RS
 Fone: (51) 284 4230
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
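
A crash-triage check for the fault dialog quoted in this thread, added here as an example and not part of any poster's message: it parses the dump text and reports which registers and stack slots hold only the filler byte typed into the URL. The function names and the verdict wording are assumptions of this example.

```python
import re

# Crash text copied from the report quoted in this thread (Win9x fault dialog).
DUMP = """\
IEXPLORE caused an invalid page fault in
module <unknown> at 0000:41414141.
Registers:
EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246
EBX=00000000 SS=0187 ESP=0058568c EBP=41414141
ECX=0000002e DS=0187 ESI=01eef058 FS=581f
EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000
Bytes at CS:EIP:

Stack dump:
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
41414141 41414141 41414141 41414141
"""

REG_RE = re.compile(r"\b([A-Z]{2,5})=([0-9a-fA-F]{4,8})\b")  # NAME=hexvalue pairs
DWORD_RE = re.compile(r"\b[0-9a-fA-F]{8}\b")                 # one 32-bit stack slot

def parse_dump(text):
    """Split the dialog text into a register map and the list of stack dwords."""
    head, _, stack = text.partition("Stack dump:")
    regs = {name: int(val, 16) for name, val in REG_RE.findall(head)}
    return regs, [int(d, 16) for d in DWORD_RE.findall(stack)]

def triage(text, filler=b"A"):
    """Flag registers and stack slots that hold only the input's filler byte."""
    regs, stack = parse_dump(text)
    pattern = int.from_bytes(filler * 4, "big")   # b"A" * 4 -> 0x41414141
    tainted = sorted(r for r, v in regs.items() if v == pattern)
    hits = sum(1 for d in stack if d == pattern)
    if "EIP" in tainted:
        verdict = "instruction pointer overwritten by input: treat as security bug"
    elif tainted or hits:
        verdict = "input data reached registers/stack: investigate memory corruption"
    else:
        verdict = "no input pattern found: likely an unrelated crash"
    return {"tainted_registers": tainted, "stack_hits": hits,
            "stack_total": len(stack), "verdict": verdict}

if __name__ == "__main__":
    print(triage(DUMP))
```
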


