Bugtraq mailing list archives
Re: Ray Cromwell: Another Netscape Bug (and possible security
From: scott () LOC3 TANDEM COM (mueller_scott)
Date: Fri, 22 Sep 1995 11:23:12 PDT
Perry writes:
This bug may make it possible to execute arbitrary code on any Netscape browser on the net.
Ray Clark writes:
As you can see, I just chose an extremely long domain name. I guessed that the authors of netscape probably thought something like "well, a buffer size of 256 characters is good enough to hold any domain"
Not that it entirely excuses Netscape, but RFC 1034 ("DOMAIN NAMES - CONCEPTS AND FACILITIES") section 3.1 states: To simplify implementations, the total number of octets that represent a domain name (i.e., the sum of all label octets and label lengths) is limited to 255. [end excerpt] They should handle exceptions gracefully. -- Scott Hazen Mueller, Tandem Computers +1 408 285 5762 scott () tandem com Unix System/Network Administrator, Host-, Post-, News- and Web-Master
Current thread:
- Re: Ray Cromwell: Another Netscape Bug (and possible security mueller_scott (Sep 22)
- <Possible follow-ups>
- Re: Ray Cromwell: Another Netscape Bug (and possible security Howard B Owen (Sep 24)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Leonard Krylov (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Marc W. Mengel (Sep 27)
- Re: your mail Anthony J. Stuckey (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Diego Zamboni (Sep 28)
- Re: livingston.. Rick Weldon (Sep 29)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Diego Zamboni (Sep 28)
- Re: Ray Cromwell: Another Netscape Bug (and possible security T. Jason Ucker (Sep 29)