From: Laurent Demailly <dl@hplyot.obspm.fr>
To: Ray Cromwell <rjc@clark.net>
Message Hash: 6b45f63609687041fcfd430ec81fb69596b838d8e78ea552b5522b0e0fdcd478
Message ID: <9509221014.AA18627@hplyot.obspm.fr>
Reply To: <199509220612.CAA11441@clark.net>
UTC Datetime: 1995-09-22 10:15:46 UTC
Raw Date: Fri, 22 Sep 95 03:15:46 PDT
From: Laurent Demailly <dl@hplyot.obspm.fr>
Date: Fri, 22 Sep 95 03:15:46 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Another Netscape Bug (and possible security hole)
In-Reply-To: <199509220612.CAA11441@clark.net>
Message-ID: <9509221014.AA18627@hplyot.obspm.fr>
MIME-Version: 1.0
Content-Type: text/plain
Ray Cromwell writes:
>
> I've found a Netscape bug which I suspect is a buffer overflow and
> may have the potential for serious damage. If it is an overflow bug,
> then it may be possible to infect every computer which accesses a web
> page with Netscape. To see the bug, create an html file containing
> the following:
[...]
The sortest host length I've found to cause seg fault is 356 (yes, and
not 256, 256+100 if you prefer :))
You can have a look at http://hplyot.obspm.fr/~dl/netscapesec/ for a
'demo' (click to crash)
dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
Legion of Doom SEAL Team 6 Cocaine class struggle AK-47 jihad
fissionable
Return to September 1995
Return to “sameer <sameer@c2.org>”