[Mozilla Bug #131761] Buffer Overflow in Geck/Netscape 5.0/6.0?

From: Jonathan A. Zdziarski (jonathanat_private)
Date: Mon Mar 18 2002 - 13:27:49 PST

Next message: itojunat_private: "Re: TCP Connections to a Broadcast Address on BSD-Based Systems"

Previous message: Fletcher, Stephen J: "RE: Identifying Kernel 2.4.x based Linux machines using UDP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

After performing some additional testing and parsing the feedback I've
received from the list, it looks like only the following are affected:

- Netscape 6.0 - 6.21 (Tested on Windows XP and RedHat 7.2)

- Mozilla Build 2001090111 (Included with RedHat 7.2)

And the following are not affected:

- Mozilla 0.9.9 (Tested on RedHat 7.1, 7.2, and Debian)

Not yet sure about at what version this changed.  I'm hoping someone at
Mozilla can confirm that it was truly fixed in 0.9.9 and not just
inadvertantly changed where it could pop up somewhere else or under
different circumstances.  I don't see this being reported anywhere else
(security focus lists), and can't seem to find any mention of it in any
release notes for mozilla.

If it has been fixed, it appears that it hasn't propogated to Netscape
yet, and RedHat probably should include the newer version (as I'm sure
they will) of the browser with future distributions.

Next message: itojunat_private: "Re: TCP Connections to a Broadcast Address on BSD-Based Systems"
Previous message: Fletcher, Stephen J: "RE: Identifying Kernel 2.4.x based Linux machines using UDP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 20:57:31 PST