Home page logo

bugtraq logo Bugtraq mailing list archives

Re: buffer overflow vulnerability in netscape 3.0 to 4.5
From: pb () INSECURITY NET (Paul Boehm)
Date: Fri, 23 Oct 1998 19:43:29 +0200

On Fri, Oct 23, 1998 at 07:31:30PM +0200, I wrote:
Netscape is working on a patch.

oh, and I almost forgot (in fact, i did):
Netscape posted a workaround to their webpage that protects you against
this specific overflow, but also prevents existing plugins from working.


To quote their page, do the following to protect you:
  1.In Communicator, select Preferences from the Edit menu.
  2.In the Preferences dialog box, select the Navigator category.
  3.Select Applications.
  4.On the Description list, select the * entry and handled by Plug-in: Netscape
  5.Click on the Edit button.
  6.Set Handled By to Unknown: PromptUser.
  7.Restart Navigator or Communicator.


| mail: pb () insecurity net   :: url: http://paul.boehm.org               |
| irc:  infected            :: pgp: finger pb () insecurity net | pgp -fka |
 \.....Linux is like a wigwam - no windows, no gates, apache inside..../

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]