Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Accept overflow on Netscape Enterprise Server 3.6 SP2
From: n-miwa () LAC CO JP (Nobuo Miwa)
Date: Mon, 13 Sep 1999 00:17:46 +0900

Hi,

I found a vulnerability in "Enterprise 3.6 SP 2 SSL Handshake fix"..
I sent a malformed URL to the server and its service was dead.

Its URL is following...

  GET / HTTP/1.0
  Accept: aaaaaaaaaaaaaa...2000byte/gif

Ofcourse you must be able to execute small code you like with
"long Accept" command(just like htr problem on IIS).

I've reported this to Netscape on 31st Aug. They've just
finished making the patch(maybe SP3). It must be released soon.
I'm gonna post this to BUGTRAQ after they release the patch, but
someone posted it to some other mailing lists. So I decided
to post it to here today.

Thanks,
Nobuo Miwa(Moderator of BUGTRAQ-JP)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]