From: "Martin Diehl" <mdiehl@dttus.com>
Date: Wed, 18 Oct 95 13:20:05 PDT
To: cypherpunks@toad.com
Subject: Media Accuracy
Message-ID: <9509188140.AA814053942@cc1.dttus.com>
MIME-Version: 1.0
Content-Type: text/plain


     In the October 16, 1995 issue of PC Week, Spencer F. Katt writes:
     
     >Isn't it ironic?  Andreessen creates the WEB while in college; now 
     >college students are finding all the holes in it.  Two students have 
     >uncovered a serious bug in Netscape Navigator, one Katt source 
     >contends.  The browser has a 2K-byte buffer for reading HTML 
     >documents.  Well, these tipsters found that once the page has sent 
     >more than 2K, any assembly code in the HTML document will be 
     >executed.  As an experiment, these kids set up a simple Web server 
     >with some assembly code embedded in the HTML page to overwrite the 
     >client computer's FAT table [sic].  Sure enough, it worked.
     
     >spencer@pcweek.ziff.com
     
     He might be talking about the (already fixed) bug that allowed an HREF 
     that is longer than 356 bytes to overwrite the stack.  Hadn't heard 
     here that anything would happen other than getting Netscape to crash.  
     No names or URL's were given in the story.  Maybe he needs an update.
     Maybe we need an update.
     
     Martin G. Diehl