Full Disclosure: Re: Mozilla Firefox "Host:" Buffer Overflow

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Mozilla Firefox "Host:" Buffer Overflow

From: Heikki Toivonen <heikki () osafoundation org>
Date: Fri, 09 Sep 2005 00:21:07 -0700

Tom Ferris wrote:

Vendor Status:
Mozilla was notified, and im guessing they are working on a patch. Who
knows though?


That seems like a gross mischaracterization, at least by looking at the
Bugzilla bug filed by you which I believe this corresponds to. The bug
was reported two days ago (Sep 6), the first comment came less than an
hour after that, and the first attempted fix was attached less than two
hours after the bug was filed. Further comments explained how it was
proving hard to find what and where was actually going wrong to put in
the right fix. 10 replies total in less than two days. To me it seems
obvious work is being done.

-- 
  Heikki Toivonen

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Mozilla Firefox "Host:" Buffer Overflow Tom Ferris (Sep 08)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
  - Re: Mozilla Firefox "Host:" Buffer Overflow n e w s (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
  - Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)