OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Felipe Franciosi (franciozzyTERRA.COM.BR)
Date: Tue Feb 06 2001 - 04:19:25 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Now I've seen the segfault of IE on an WinNT 4.0 with
    Internet Exploder 5.00.2919.6307.

    And what about this apache Forbidden message? Does anyone knows what
    that is about?

    Best Regards,
    Felipe

    On Mon, 5 Feb 2001 14:40:22 -0800 , "Pascal Jobin" <pascal.jobingsig-net.qc.ca> wrote:

    > I got a forbidden message too from an Apache 1.3.12 server running under Red
    > hat linux 6.2 (Kernel 2.2.14-5.0).
    >
    > I run Win2000 Advanced server with IE 5.5. IE 5.5 nerver crash.
    >
    > Pascal Jobin
    >
    > ----- Original Message -----
    > From: "Felipe Franciosi" <franciozzyTERRA.COM.BR>
    > To: <VULN-DEVSECURITYFOCUS.COM>
    > Sent: Monday, February 05, 2001 4:35 AM
    > Subject: Re: Potential overflow in Internet Explorer
    >
    >
    > > Hi,
    > >
    > > I've tried with different lenghts of "a"s up to 1024 chars.
    > > The IE did NOT crashed, but when I used 1024 chars, I got a Forbidden
    > > message from an Apache 1.3.17 running on a Linux Slackware 7.1 with
    > > Kernel 2.2.18, instead of a 404.
    > > I'm sure the URL doesn't exist because I run the machine. :-)
    > >
    > > btw, the workstation is a win2k english professional edition with IE
    > > version 5.00.2920.0000, cipher 56-bit.
    > >
    > > []'s Felipe
    > >
    > > On Mon, 29 Jan 2001 20:12:20 -0800 , joetestaHUSHMAIL.COM wrote:
    > >
    > > > Hi all --
    > > >
    > > >
    > > > While doing some testing on a web server, I discovered that Internet
    > > > Explorer crashes when the following URL is typed in the address bar:
    > > >
    > > >
    > > > http://www.server.com/[a lot of 'A's]
    > > >
    > > >
    > > > Here is the resulting dump:
    > > >
    > > >
    > > > IEXPLORE caused an invalid page fault in
    > > > module <unknown> at 0000:41414141.
    > > > Registers:
    > > > EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246
    > > > EBX=00000000 SS=0187 ESP=0058568c EBP=41414141
    > > > ECX=0000002e DS=0187 ESI=01eef058 FS=581f
    > > > EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000
    > > > Bytes at CS:EIP:
    > > >
    > > > Stack dump:
    > > > 41414141 41414141 41414141 41414141
    > > > 41414141 41414141 41414141 41414141
    > > > 41414141 41414141 41414141 41414141
    > > > 41414141 41414141 41414141 41414141
    > > >
    > > >
    > > > I am using version 5.50.4522.1800 on Win98 SE with all critical
    > updates
    > > > installed. I attempted to reproduce this crash on three other machines
    > > > without success. Their version numbers where:
    > > >
    > > > 5.00.2614.3500,
    > > > 5.50.4134.0100,
    > > > 5.50.4134.0600
    > > >
    > > > It seems as though this may be some sort of regression error,
    > > > bad mix of software, or both. Can anyone else reproduce this?
    > > >
    > > >
    > > > - Joe Testa ( joetestahushmail.com )
    > >
    > >
    > > --
    > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    > > Felipe Franciosi
    > > franciozzycorp.terra.com.br UIN - 33596050
    > > Suporte Nacional Terra Networks Brasil S.A.
    > > http://www.terra.com.br Porto Alegre - RS
    > > Fone: (51) 284 4230
    > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    > 

    --
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Felipe Franciosi
 franciozzycorp.terra.com.br         UIN - 33596050
 Suporte Nacional Terra Networks Brasil S.A.
 http://www.terra.com.br           Porto Alegre - RS
 Fone: (51) 284 4230
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=