lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <003f01c5b69d$53301d30$6501a8c0@pauls1337laptop>
Date: Sun Sep 11 07:52:17 2005
From: pvnick at gmail.com (Paul)
Subject: Mozilla Firefox "Host:" Buffer Overflow Exploit

Skylined, is there anything that you can't exploit? ;-)

On a side note, an article quoting Ferris saying that "Microsoft takes too long to patch stuff so that's why I'm going public" recently was slashdotted (regarding a vulnerability he found in Internet Explorer). Now he goes public with this thing. Does he think that Mozilla and Microsoft have the lengthy patch process in common, or is he just being hypocritical, something that I have found to be quite common among anti-MS zealots.

Paul
Formerly of Greyhats Security
http://greyhatsecurity.org
  ----- Original Message ----- 
  From: Berend-Jan Wever 
  To: full-disclosure@...ts.grok.org.uk ; bugtraq@...urityfocus.com ; security@...illa.org 
  Sent: Saturday, September 10, 2005 6:52 AM
  Subject: [Full-disclosure] Mozilla Firefox "Host:" Buffer Overflow Exploit


  (Just a little heads up, no details or PoC attached)

  The security vulnerability in Mozilla FireFox reported by Tom Ferris is exploitable on Windows.
  I developed a working exploit that seems to be 100% stable, though I've only tested it on one system.
  The exploit will not be released publicly untill patches are out.

  On a side note: it took only about 3 hours and 30 minutes to develop the exploit, so I might not be the only one able to write it.

  Cheers,
  SkyLined

  -- 
  Berend-Jan Wever <berendjanwever@...il.com>
  http://www.edup.tudelft.nl/~bjwever 


------------------------------------------------------------------------------


  _______________________________________________
  Full-Disclosure - We believe in it.
  Charter: http://lists.grok.org.uk/full-disclosure-charter.html
  Hosted and sponsored by Secunia - http://secunia.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050911/2bac85c2/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ