
Re: Netscape 2.01 fixes server vulnerabilities by breaking the client...



Rich Graves wrote:
> 
> Now I suppose they'll want me to fix all the pages where I do a finger
> with a gopher://host:79/0user Any chance this nonfix can be unfixed?
> 
> This nonfix was applied to the UNIX and Win32 versions; I haven't
> checked the other platforms.

It may be unpleasant, but it's a fact that there was a real security
hole here.  There is a well-known buffer overrun bug in finger that a
lot of people inside firewalls haven't fixed.  Using gopher: URLs
in IMG tags it was possible to do nasty things.  We tried to err on
the side of permissivity, but finger was one port we just couldn't
allow.  Yes, it sucks.  So does someone reaching through your firewall
and running commands as root.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | [email protected]