mailing list archives
Re: buffer overflow vulnerability in netscape 3.0 to 4.5
From: smb () RESEARCH ATT COM (Steven M. Bellovin)
Date: Fri, 23 Oct 1998 20:23:18 -0400
In message <19981023193130.B31216 () boehm org>, Paul Boehm writes:
Today news.com reported about a buffer overflow vulnerability in netscape3-4.5
found by Dan Brumleve <nothing () shout net>.
Read the whole story on http://www.news.com/News/Item/0,4,27856,00.html?owv
a sample exploit for linux netscape has been published by Dan Brumleve
on his webpage: http://www.shout.net/~nothing/buffer-overflow-1/index.html
Netscape is working on a patch.
I also have indications that under BSD/OS 4.0, Communicator 4.5 does not
on other platforms? (Not surprisingly, I immediately deleted 4.5...)
- Re: buffer overflow vulnerability in netscape 3.0 to 4.5 Steven M. Bellovin (Oct 24)