1995-09-25 - Re: Another Netscape Bug (and possible security hole)

Header Data

From: Laurent Demailly <dl@hplyot.obspm.fr>
To: Ray Cromwell <rjc@clark.net>
Message Hash: 8cabdd234ee6c9d3303eb16b76297a9278022dfcc8c208849f00d9ef4eaab420
Message ID: <9509252047.AA01994@hplyot.obspm.fr>
Reply To: <199509221236.IAA03762@frankenstein.piermont.com>
UTC Datetime: 1995-09-25 20:47:57 UTC
Raw Date: Mon, 25 Sep 95 13:47:57 PDT

Raw message

From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Mon, 25 Sep 95 13:47:57 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509221236.IAA03762@frankenstein.piermont.com>
Message-ID: <9509252047.AA01994@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain



It's not an exploit script, but you can find an auto crash "animation"
for Ray's discovered bug on 
  http://hplyot.obspm.fr/~dl/netscapesec/c1.html
(or click from the updated http://hplyot.obspm.fr/~dl/netscapesec/)
Btw, from my tests, looks like the SunOs version is not crashing after
356 bytes like my first HPUX/Solaris test but needs a slightly longer
url, if folks can try out the above urls and confirm/infirm crash for
other platforms, thx !


dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

assassination North Korea terrorist SEAL Team 6 radar supercomputer
PLO





Thread