It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI/TECH:'Highly Critical' Flaw Reported for Netscape Software

page: 1
0

log in

join
share:

posted on Apr, 27 2005 @ 12:01 AM
link   
Secunia, the Danish firm that monitors software vulnerabilities, has issued an advisory for a "highly critical" flaw in Netscape, that could allow the malicious to exploit computers using the browser. The flaw remains unpatched and Netscape has not returned calls for comment. Secunia recommends using another product until a patch can be issued.
 



news.com.com
An unpatched flaw in some versions of the Netscape browser could let an attacker into vulnerable systems, security company Secunia has warned.

The vulnerability is "highly critical," according to an advisory released by the Danish company late Tuesday. Version 6.2.3 and 7.2 of Netscape are affected and other versions may also be susceptible, the company said.

The flaw could allow a hacker to launch a buffer overflow attack, which could crash the browser or enable the attacker to execute code on the compromised system. A patch has not been created, according to Secunia.

Netscape representatives did not immediately return calls seeking comment.

Secunia's advice for dealing with the issue is to "use another product."


Please visit the link provided for the complete story.


I don't know what a buffer overflow attack is, but it seems that the flaws that make them possible are running about a dime a dozen now. Let those who use Netscape take heed and hope that a patch is in the works. The Secunia advisory can be found by clicking the link below.

Related News Links:
secunia.com


[edit on 05/4/27 by GradyPhilpott]

[edit on 05/4/27 by GradyPhilpott]




posted on Apr, 27 2005 @ 12:18 AM
link   
O.K., so it seems to me that Mozilla and Firefox are affected as well. I believe they share some components with Netscape. AOL brower is Mozialla based too, right?

Timely



posted on Apr, 27 2005 @ 12:21 AM
link   
A buffer overflow occurs when data is written past the amount of memory assigned for it, overwriting other data or instructions. It can be used by a hacker to put malicious code onto a system.



posted on Apr, 27 2005 @ 12:26 AM
link   
So- it would take some kind of active agent at the sending source?

Would this be something like a web page sending data streams and inside the stream a trojan or something?

How would you know? If I got a bunch of data from loading a page how could I tell this happened?



posted on Apr, 27 2005 @ 12:40 AM
link   
You would have to visit a site that was designed to take advantage of the vulnerability to have anything really bad happen, even then I think it'd most likely just crash your browser.



posted on Apr, 27 2005 @ 12:45 AM
link   
O.K.- good to know (?)


I remember a German site last year that hijacked browsers- it was a real pain to reinstall IE.



posted on Apr, 27 2005 @ 01:47 AM
link   
If browser hijacking is a problem and if you surf as I do, it is, here is a good software to have installed:

BHODemon

Read about BHODemon here.



posted on Apr, 27 2005 @ 02:36 AM
link   
Us 'surfers' gotta help each other out


I'm downloading it now



posted on Apr, 27 2005 @ 02:41 AM
link   
Thanks for the info.
I'm using v, 8.0 Beta at the moment, wonder if it's affected.
I'll switch to Opera for the time being.



new topics

top topics



 
0

log in

join