[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another Netscape Bug (and possible security hole)



> 
> No, you *can* put 0x22, 0x3e and 0x2f by using respectively
> " > and / html constructs  (&#nnn; nn decimal ascii code)
> unfortunatly � is not recognized but you can probaly use any number
> substracted by itself or even short lda#0 (depending on the cpu),...if
> you need a zero,...(what for ?)

	Oh that's great.. netscape might -not- be doing the conversion
before it crashes though.. worth a shot to check though, without a
doubt.

> 
> I hope this helps too, btw, anywone having contacts on the 8lgm folks?
> they must have experience with that kind of stuff...

	Karl told me that it's their policy only to do exploits for
bugs they have found themselves.

> Even if a patch should be availble now, making a demonstration is
> still interesting IMO [specially when you know that there are still
> ppl around using netscape 0.9x beta, and even ppl 'selling' it in ISP
> access packages!...]

	Look at http://www.c2.org/ with an unpatched
netscape. Hopefully other sites will do similar things.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			[email protected]