[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Re: Netscape 4.7 argument bug
From: |
T.E.Dickey |
Subject: |
Re: lynx-dev Re: Netscape 4.7 argument bug |
Date: |
Sat, 8 Jan 100 13:20:39 -0500 (EST) |
> It seems that the netscape problem found by darkspyrit (oversized
> arguments to CGI's via GET) might also be a vulnerability issue in
> other browser software. For fun, I tried accessing the sample exploit
> page at http://www.beavuh.org/nscape.htm
> with lynx, and nothing happened, but when I tried saving the page
> (default key 'p') to disk, it got a segv..
> this happened using version 2.8.1pre.9
The current version of lynx is 2.8.2 (2.8.3 in development)
It's available at
http://lynx.browser.org
http://sol.slcc.edu/lynx/release
ftp://lynx.isc.org/lynx-2.8.2
(it doesn't break when I view/print the page)
> Here is a backtrace from the lynx core file:
> (gdb) bt
> #0 0x1ad811 in __kill ()
> #1 0x1ad63f in raise (sig=6) at ../sysdeps/posix/raise.c:27
> #2 0x1ae84f in abort () at ../sysdeps/generic/abort.c:83
> #3 0x80602e8 in _start ()
> #4 0xc0de0001 in ?? ()
>
> ________________________
> address@hidden
> http://1337.tsx.org
> mkdir -p `perl -e 'printf "a/" x 1000'`
>
--
Thomas E. Dickey
address@hidden
http://www.clark.net/pub/dickey