[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Win : ISS Security Advisory: Buffer Overflow in NetscapeEnterprise and FastTrack Web Servers

To: ecurtis@hydra.acs.uci.edu
Subject: Win : ISS Security Advisory: Buffer Overflow in NetscapeEnterprise and FastTrack Web Servers
From: Dan Stromberg <strombrg@nis.acs.uci.edu>
Date: Mon, 30 Aug 1999 17:14:57 -0700
Cc: cmelzer@hydra.acs.uci.edu, mtvo@hydra.acs.uci.edu
Sender: strombrg@nis.acs.uci.edu

This is all kind of ominous, and we have a bunch of Irix machines
running the netscape web server, I think - many unnecessarily.  Sadly, I
don't think we can count on netscape to be forthcoming about this.

Could you please go to the machines running the netscape web server and
turn it off on the ones that don't actually need it?

I'm leaving a copy of the web-80 entries from ~oacstats/composite in
/tmp on nsc-1.oac, to help you identify which machines are running a
netscape server.

-------- Original Message --------
Subject: Re: [Fwd: ISS Security Advisory: Buffer Overflow in
NetscapeEnterprise and  FastTrack Web Servers]
Date: Thu, 26 Aug 1999 15:23:12 -0400
From: X-Force <xforce@ISS.NET>
Reply-To: X-Force <xforce@ISS.NET>
To: BUGTRAQ@SECURITYFOCUS.COM

Comments within.

Erik Fichtner wrote:

> Is this vulnerability in other versions of Enterprise server?

  We tested the vulnerability against the current releases of Enterprise
  and Fasttrack.  Earlier versions may be vulnerable, but they were not
  tested against.

> Does it exist on all platforms?

  No, our advisory effects only NT, Solaris was tested against and found
  not vulnerable.  AIX and other platforms were not tested against and
  these platforms potentially could be vulnerable.

> Is this an issue only with the SSL server (SSL Handshake? huh? what does
> THAT have to do with a GET request?) or does this affect the entire
> server?

  Netscape decided to combine the GET overflow patch in with an SSL
  problem.  This vulnerability affects the entire server.  Netscapes
  handles their patch bundling, we have no involvment with that.

> Are patches available for previous versions of Enterprise server?

  Not that we know of, If previous versions are found to be vulnerable
  Netscape should be contacted and will issue a patch at that time.

----
X-Force
Internet Security Systems, Inc.
(678) 443-6000 / http://xforce.iss.net/
Adaptive Network Security for the Enterprise

Prev by Date: Redhat :[RHSA-1999:030-02] Buffer overflow in cron daemon]
Next by Date: Redhat :[Fwd: RHSA:1999-035-01 - XFree86 3.3.5 available]
Previous by thread: Redhat :[RHSA-1999:030-02] Buffer overflow in cron daemon]
Next by thread: Redhat :[Fwd: RHSA:1999-035-01 - XFree86 3.3.5 available]
Index(es):
- Date
- Thread