[Bleeding-sigs] CAN-2005-0399 - Firefox/mozilla gif extension
heap overflow
Matt Jonkman
matt at infotex.com
Wed Mar 23 19:01:19 EST 2005
U da man Erik.
posting this now. THanks
Matt
Erik Fichtner wrote:
> alert tcp $EXTERNAL_NET $HTTP_PORTS -> any any (msg: "CAN-2005-0399 Gif Vuln via http"; \
> content: "GIF89a"; content: "|21 ff 0b|NETSCAPE2.0|"; \
> byte_test: 1,!=,3,0,relative; flow: from_server,established; )
>
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Bleeding-sigs mailing list
> Bleeding-sigs at bleedingsnort.com
> http://lists.bleedingsnort.com/mailman/listinfo/bleeding-sigs
--
--------------------------------------------
Matthew Jonkman, CISSP
Senior Security Engineer
Infotex
765-429-0398 Direct Anytime
765-448-6847 Office
866-679-5177 24x7 NOC
my.infotex.com
www.offsitefilter.com
www.bleedingsnort.com
--------------------------------------------
NOTICE: The information contained in this email is confidential
and intended solely for the intended recipient. Any use,
distribution, transmittal or retransmittal of information
contained in this email by persons who are not intended
recipients may be a violation of law and is strictly prohibited.
If you are not the intended recipient, please contact the sender
and delete all copies.
More information about the Bleeding-sigs
mailing list