Netscape Client DoS.
Robert Thomas (robRPI.NET.AU)
Mon, 18 May 1998 13:49:10 +1000
After making a typo in a proxy.pac (Proxy AutoConfiguration File), I discovered that as soon as netscape loaded the modified proxy.pac file, it GPF'd.

The problem was with the return string. Here is an example of a valid string:

    return "PROXY 10.1.1.1:8080; PROXY 10.1.1.2:8080; DIRECT";

which will first query the proxy on 10.1.1.1 port 8080, then 10.1.1.2, and if both of those are down it will use direct connections.

The string I was using was:

    return "PROXY 10.1.1.18080; PROXY 10.1.1.2:8080; DIRECT";

I missed the colon. Now I would expect it to do the smallest bit of error checking to verify that 18080 is less than 256. No, it doesn't, and netscape dies -- This also makes netscape basically unusable until you physically disconnect the network cable and turn proxies off or set them to manual, or manage to hit 'stop' before it loads the proxy.pac file. (Of course, you can fix the proxy.pac file as well 8-)

A less than highly-clued ISP/Intranet Manager would probably miss that someone has maliciously changed his proxy.pac file, and have no idea why all his netscape clients are crashing on bootup.

I have not checked that this happens with IE -- As this is an IE-Free-Zone. I assume someone else can try and confirm/deny this.

This was happening with Communicator 4.04, I assume it would be the same with previous versions.

--Robert Thomas
RP Internet Services
Sydney, Australia
--//$35/month Internet Access in 02, 045 and 047 areas. ISDN/FR/DDS/K56\\--
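
An added example, not part of the original post and not Netscape's code: a small lint that an administrator could run over a proxy.pac return string before publishing the file, so that a malformed entry like the one above is caught on the server side. The function names and the accepted grammar (DIRECT, or PROXY/SOCKS followed by host:port) are assumptions of this sketch.

```javascript
// Added example: lint the string a PAC file's FindProxyForURL() returns.
// Assumed grammar: ';'-separated entries, each "DIRECT" or "<KEYWORD> host:port"
// (PROXY as in the post; SOCKS is the other long-standing PAC keyword).
function checkHost(host, entry, errors) {
  if (/^[0-9.]+$/.test(host)) { // all digits and dots: treat as an IPv4 literal
    const octets = host.split(".");
    const ok = octets.length === 4 &&
      octets.every((o) => /^\d{1,3}$/.test(o) && Number(o) <= 255);
    if (!ok) errors.push(`bad IPv4 address "${host}" in "${entry}"`);
  } else if (!/^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$/.test(host)) {
    errors.push(`bad host name "${host}" in "${entry}"`);
  }
}

function checkPacReturn(value) {
  const errors = [];
  const entries = value.split(";").map((e) => e.trim()).filter((e) => e !== "");
  if (entries.length === 0) errors.push("empty return string");
  for (const entry of entries) {
    if (entry === "DIRECT") continue;
    const m = /^(PROXY|SOCKS)\s+(\S+)$/.exec(entry);
    if (!m) {
      errors.push(`unrecognised entry "${entry}"`);
      continue;
    }
    const colon = m[2].lastIndexOf(":");
    if (colon === -1) { // the typo from the post: no ":port" at all
      errors.push(`missing ":port" in "${entry}"`);
      checkHost(m[2], entry, errors);
      continue;
    }
    checkHost(m[2].slice(0, colon), entry, errors);
    const port = m[2].slice(colon + 1);
    if (!/^\d{1,5}$/.test(port) || Number(port) < 1 || Number(port) > 65535) {
      errors.push(`bad port "${port}" in "${entry}"`);
    }
  }
  return errors;
}

// The two return strings quoted in the post.
const VALID = "PROXY 10.1.1.1:8080; PROXY 10.1.1.2:8080; DIRECT";
const TYPO = "PROXY 10.1.1.18080; PROXY 10.1.1.2:8080; DIRECT";
for (const s of [VALID, TYPO]) {
  const errs = checkPacReturn(s);
  console.log(errs.length ? `REJECT ${s}\n  ${errs.join("\n  ")}` : `OK     ${s}`);
}
```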