Bugtraq mailing list archives
Re: CRYX present: netscape profesional services ftp service
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Sat, 22 Jul 2000 20:56:07 +0200
On Wed, 19 Jul 2000, l33thax0r wrote:
gr33tings to all our friendz - you know who y0u are! special gr33tings to d00d that find this bug!
Actually, that was me, about two weeks ago, while performing loose security audit of this release (1.39). Regardless of really poor contents, this mail seems to be based on information that leaked from us (it has been posted to some people in Poland) - including almost extactly cited examples from original post. I contacted someone at Netscape, but didn't get satisfying response, so I simply forgot about it - which wasn't the best solution, as I can see. There are still some problems left, and they're working on it. I am not aware of any working exploits, but I guess exploitation isn't something really difficult (especially in such complex codepiece, %p 'pointer overwrite' bugs are deadly dangerous). Thanks, _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- Blackboard Courseinfo v4.0 User Authentication Pedram Amini (Jul 18)
- Re: Blackboard Courseinfo v4.0 User Authentication Jeff Beley (Jul 18)
- CRYX present: netscape profesional services ftp service l33thax0r (Jul 19)
- Re: CRYX present: netscape profesional services ftp service Michal Zalewski (Jul 22)
- Re: Blackboard Courseinfo v4.0 User Authentication Sultan Meghji (Jul 19)
- CRYX present: netscape profesional services ftp service l33thax0r (Jul 19)
- Re: Blackboard Courseinfo v4.0 User Authentication Jeff Beley (Jul 18)