-
May 7th, 2002, 09:17 AM
#1
Netscape/Mozilla IRC Buffer Overflow Vulnerability
Netscape and Mozilla crash when handling an exceptionally long request (32KB+) for a channel using the IRC protocol.
This issue is most likely due to a buffer overflow condition, but it is not known whether this condition may be exploited to execute arbitrary attacker-supplied instructions.
Mozilla is a freely available, open-source web browser. It runs on most Linux and Unix variants, as well as MacOS and Microsoft Windows 9x/ME/NT/2000/XP operating systems. Netscape is another web-browser product which runs on the same platforms as Mozilla.
Remote: Yes
Exploit: A demonstration of how this may cause a denial of service to occur can be found at the following website:
http://jscript.dk/2002/4/moz1rc1test...eroverrun.html
Source: http://www.xatrix.org/article1454.html
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|