Communicator exploits

Fernand Portela (fernand.portela@IBM.NET)
Fri, 10 Apr 1998 14:06:08 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Nicolas Dubee: "Sun rpcbind"
Previous message: Chiaki Ishikawa: "(Q) Sun Rpcbind problem."

This is a multi-part message in MIME format.

--Boundary_(ID_D3kLPcVRdbMbEBsBNwX+ww)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit

Hi,

A few weeks ago, I've posted in this mailing-list an advisory about
issues in Netscape Communicator. Since a fixed release (4.05) is now
available to users, I think I can publish the exploits themselves.

If you received this mail in Communicator 4.04 or previous (NN2.x and
3.x are not vulnerable), simply click the links in the attached HTML
document for a demonstration of the bugs.
_______________________________________________________________________

Fernand PORTELA aka Nando
fernand.portela@ibm.net nando@mygale.org
http://www.mygale.org/~nando

--Boundary_(ID_D3kLPcVRdbMbEBsBNwX+ww)
Content-type: text/html; name=attacks.html; charset=us-ascii
Content-disposition: inline; filename=attacks.html
Content-transfer-encoding: 7bit

Click here for a demonstration of the first exploit.

Click here for a demonstration of the second exploit.

--Boundary_(ID_D3kLPcVRdbMbEBsBNwX+ww)--

Next message: Nicolas Dubee: "Sun rpcbind"
Previous message: Chiaki Ishikawa: "(Q) Sun Rpcbind problem."