[Full-Disclosure] Mod-Throttle [was: client attacks server - XSS]

2003-10-14 Thread zen-parse
6 Jan 2002 and apparently he still hasn't got around to releasing version 4.0 which was going to fix the problem. -- zen-parse -- - 1) If this message was posted to a public forum by [EMAIL PROTECTED], it may b

[Full-Disclosure] Re: Netscape Bug Bounty

2003-10-06 Thread zen-parse
unty gives: http://wp.netscape.com/security/bugbounty.html -- zen-parse -- - 1) If this message was posted to a public forum by [EMAIL PROTECTED], it may be redistributed without modification. 2) In any other case the contents

[Full-Disclosure] Pine: .procmailrc rule against integer overflow

2003-09-10 Thread zen-parse
A procmail rule something like:
===CUT-BEGIN-RULE===
:0B:
* [a-zA-Z-]+\*[0-9]+\*=
$HOME/pine.int-overflow.attacks.do.not.open.with.pine.
CUT-END-RULE
should make exploitation of the integer overflow a little harder. -- zen-parse

re: SSH/OPENSSH EXPLOIT + [Full-Disclosure] iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)

2003-03-04 Thread zen-parse
http://lists.netsys.com/pipermail/full-disclosure/2003-March/004423.html file(1) overflow is exploitable in other ways. In /usr/lib/rhs/rhs-printfilters/master-filter (rhs-printfilters-1.81-4.rh7.0, used by lprng at least) magic=$(file ${SPOOLFILE}) magic=$($DECOMPR

[Full-Disclosure] Re: iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)

2002-12-21 Thread zen-parse
on the local machine. This can then be used to further elevate privs via the issue you mentioned, or one of the other issues. -- zen-parse -- - 1) If this message was posted to a public forum by [EMAIL PROTECTED], it m

Re: [Full-Disclosure] Netscape Problems.

2002-11-26 Thread zen-parse
On Tue, 26 Nov 2002, Georgi Guninski wrote: > zen-parse wrote: > > > > > In case people haven't noticed yet, Open Source is not more secure. > > > > I disagree with this conclusion. > > Can you please give more details how you concluded this based

[Full-Disclosure] Re: Netscape Problems.

2002-11-26 Thread zen-parse
ect Open Source does not make it more secure if you take forever to fix it and don't tell people when you do fix it". One hole that is exploitable means the product is insecure, so how about "Open Source software

[Full-Disclosure] Netscape Problems.

2002-11-25 Thread zen-parse
Netscape was notified on the same day, I believe.) July 9 == Microsoft replies with regard to Javascript. July 13 === Microsoft closes off on JS bug. Patch becomes available eventually, as threat was not seen as high by Microsoft. +++ Netscape informed of second PNG bug/exploit

[Full-Disclosure] Netscape/Mozilla: Exploitable heap corruption via jar: URI handler.

2002-11-14 Thread zen-parse
low of control in tests, by overwriting the function pointer for PR_Free in the global offset table of libsnpr4.so. "Shellcode" can be supplied in a previously loaded image. (A large area can be filled using compressed image

[Full-Disclosure] re: zen-parse@gmx.de is not zen-parse@gmx.net

2002-10-06 Thread zen-parse
ver, I think that any approach that gets the information known is useful. There are definitely many approaches, but any that allows an issue to be disclosed is at least partially good. -- zen-parse -- - 1) If this messag

[Full-Disclosure] zen-parse@gmx.de is not zen-parse@gmx.net

2002-10-04 Thread zen-parse
t, is useful to have occasionally. -- zen-parse -- - 1) If this message was posted to a public forum by [EMAIL PROTECTED], it may be redistributed without modification. 2) In any other case the contents of this messa

[Full-Disclosure] Recent exploit disclosure & iDEFENSE

2002-10-04 Thread zen-parse
ll of us! > CREDIT > > This issue was exclusively disclosed to iDEFENSE by zen-parse > ([EMAIL PROTECTED]). Also do I not care much if iDEFENSE makes their millions with the exploits or gives them to the military. Fact is that I just got my $250 and laughed with a bright smile

[Full-Disclosure] THREATCON HITTING DANGEROUS LEVELS!

2002-09-30 Thread zen-parse
nks for the idea, Dave. I'm sure it'll work. At the moment, afaik, they are just minor bugs, with no real security issues associated with them on any reasonably up to date machine, but that doesn't mean they shouldn't be fixed. -- zen-parse Boredom causes rant-like behaviour. G

[Full-Disclosure] zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFs Good, Flash Executable Bad]

2002-09-05 Thread zen-parse
ssues patched in Netscape 6.2.3 relating to other image formats. I expect (hope for?) an advisory from Netscape at some point soon for this and the other patched issues. -- zen-parse -- - 1) If this message was post