Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Netscape/Mozilla IRC Buffer Overflow Vulnerability

Netscape/Mozilla IRC Buffer Overflow Vulnerability

by Nikola Strahija on May 2nd, 2002 Netscape and Mozilla crash when handling an exceptionally long request (32KB+) for a channel using the IRC protocol. This issue is most likely due to a buffer overflow condition, but it is not known whether this condition may be exploited to execute arbitrary attacker-supplied instructions.


Mozilla is a freely available, open-source web browser. It runs on most Linux and Unix variants, as well as MacOS and Microsoft Windows 9x/ME/NT/2000/XP operating systems. Netscape is another web-browser product which runs on the same platforms as Mozilla.

Remote: Yes

Exploit: A demonstration of how this may cause a denial of service to occur can be found at the following website:

http://jscript.dk/2002/4/moz1rc1tests/ircbufferoverrun.html


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »