Re: Another Netscape Bug (and possible security hole)
Received: from relay3.UU.NET [192.48.96.8] by alcor.process.com with SMTP-OpenVMS via TCP/IP; Fri, 22 Sep 1995 03:36 -0400 Received: from toad.com by relay3.UU.NET with SMTP id QQzigj22616; Fri, 22 Sep 1995 03:27:16 -0400 Received: by toad.com id AA02740; Fri, 22 Sep 95 00:24:28 PDT Received: from quilla.tezcat.com by toad.com id AA02734; Fri, 22 Sep 95 00:24:24 PDT Received: from [206.1.161.4] (clubred.redweb.com [206.1.161.4]) by quilla.tezcat.com (8.6.12/8.6.12) with SMTP id CAA23469 for <cypherpunks@toad.com>; Fri, 22 Sep 1995 02:24:21 -0500 X-Sender: goedel@204.128.247.5 Message-Id: <v01510100ac8821ac2b23@[206.1.161.4]> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Fri, 22 Sep 1995 02:25:21 -0600 To: cypherpunks@toad.com (Cypherpunks Mailing List) From: goedel@tezcat.com (Dietrich J. Kappe) Subject: Re: Another Netscape Bug (and possible security hole) Sender: owner-cypherpunks@toad.com Precedence: bulk
-----BEGIN PGP SIGNED MESSAGE-----
Ray Cromwell writes:
I've found a Netscape bug which I suspect is a buffer overflow and may have the potential for serious damage. If it is an overflow bug, then it may be possible to infect every computer which accesses a web page with Netscape. To see the bug, create an html file containing the following:
Oh brother, this is unbelievable !
I'm using Netscape 1.1N under SunOS 4.1.2.
I can crash Netscape 1.1N under NT by entering a URL with a very long domain name in the 'Location:' window. Peter Trei Senior Software Engineer Purveyor Development Team Process Software Corporation http://www.process.com trei@process.com
participants (1)
-
Peter Trei