Remote CGI can crash Netscape 4.x

From: Jim Paris (jimat_private)
Date: Mon Oct 05 1998 - 13:33:13 PDT

Next message: Randy Richardson: "Re: NMRC Advisory - "Decryption" of the RCONSOLE Password"

Previous message: Simple Nomad: "Patch for GroupWise buffer overflow"
Next in thread: Aleph One: "Re: Remote CGI can crash Netscape 4.x"
Reply: Aleph One: "Re: Remote CGI can crash Netscape 4.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Netscape 4.x will crash when given a content-type of "internal/parser".
Earlier versions seem unaffected.  Tested versions are 4.05 and 4.5b1.
Under Win95 it simply hangs and needs a three finger salute to kill it.
It dies with a bus fault under Linux.  To test it, try
http://www.jtan.com/~jim/netscape-crash.cgi , which contains

#!/bin/sh
echo Content-type: internal/parser
echo
echo If you can see this, your browser is OK!

It may be possible to do worse than crash a browser.  If this data is
going to the same place that parsed pages go, I would imagine that
buffer overflows are present.

I submitted a bug report to Netscape.

-jim

Next message: Randy Richardson: "Re: NMRC Advisory - "Decryption" of the RCONSOLE Password"
Previous message: Simple Nomad: "Patch for GroupWise buffer overflow"
Next in thread: Aleph One: "Re: Remote CGI can crash Netscape 4.x"
Reply: Aleph One: "Re: Remote CGI can crash Netscape 4.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:18:50 PDT