buffer overflow vulnerability in netscape 3.0 to 4.5

From: Paul Boehm (pbat_private)
Date: Fri Oct 23 1998 - 10:31:30 PDT

Next message: Aleph One: "Microsoft Security Bulletin (MS98-016)"

Previous message: Brian Mitchell: "Re: iplogger-1.1+ident"
Next in thread: Paul Boehm: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Maybe reply: Paul Boehm: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Reply: Steven M. Bellovin: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Reply: Michael Tomaino: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Today news.com reported about a buffer overflow vulnerability in netscape3-4.5
found by Dan Brumleve <nothingat_private>.

Read the whole story on http://www.news.com/News/Item/0,4,27856,00.html?owv

a sample exploit for linux netscape has been published by Dan Brumleve
on his webpage: http://www.shout.net/~nothing/buffer-overflow-1/index.html

Netscape is working on a patch.

happy webbrowsing :),

  paul

--
.----------------------------------------------------------------------.
| mail: pbat_private   :: url: http://paul.boehm.org               |
| irc:  infected            :: pgp: finger pbat_private | pgp -fka |
 \.....Linux is like a wigwam - no windows, no gates, apache inside..../

Next message: Aleph One: "Microsoft Security Bulletin (MS98-016)"
Previous message: Brian Mitchell: "Re: iplogger-1.1+ident"
Next in thread: Paul Boehm: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Maybe reply: Paul Boehm: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Reply: Steven M. Bellovin: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Reply: Michael Tomaino: "Re: buffer overflow vulnerability in netscape 3.0 to 4.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:20:51 PDT