A bug that allows hackers to gain illicit access to the Netscape Enterprise Server and Netscape FastTrack Server has been discovered by Internet Security Systems Inc. (ISS) and its research team, the X-Force.
The vulnerability in both of Netscape Communications Corp.'s servers relies on a well-known hacker technique, the buffer overflow, to overload the server and then lets the hacker overwrite the system's stack and gain access. The attack takes the form of an overly long HTTP GET request, according to ISS and X-Force.
"The fact that it's a remote buffer overflow attack means that an attacker can exploit the vulnerability and remotely upload and execute arbitrary assembly language. An attacker can write an exploit to get the computer to do whatever they want," said Chris Rouland, director of the X-Force, an intrusion-detection research team within ISS. "Users of Netscape (Enterprise and FastTrack Servers) have to patch those systems to protect themselves from this attack."
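As an added illustration that is not part of the InfoWorld story or of ISS's advisory, the following Python checker flags access-log entries whose GET request target is abnormally long, which is the defender-side trace of the attack shape described above. The 1024-byte cutoff and the sample log lines are constructed assumptions, not values from the article.

```python
"""Flag overly long HTTP GET request targets in Common Log Format access logs."""
import re
from typing import List, Tuple

# CLF layout: host ident user [time] "request" status bytes
CLF_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) (\S+)')

# Assumed threshold: the article gives no exact length, so this is a constructed
# cutoff chosen well above what legitimate request targets on a site reach.
MAX_TARGET_LEN = 1024


def parse_request(request: str) -> Tuple[str, str, str]:
    """Split the quoted request field into (method, target, version).
    A malformed or truncated request yields empty method/version instead of raising."""
    parts = request.split(" ")
    if len(parts) != 3:
        return ("", request, "")
    return (parts[0], parts[1], parts[2])


def find_long_gets(lines: List[str], max_len: int = MAX_TARGET_LEN) -> List[dict]:
    """Return one finding per CLF line whose GET target exceeds max_len bytes."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = CLF_RE.match(line)
        if not m:
            continue  # not CLF; a real pipeline would count these separately
        src, request, status, _ = m.groups()
        method, target, _ = parse_request(request)
        if method == "GET" and len(target) > max_len:
            findings.append({"line": lineno, "src": src,
                             "length": len(target), "status": status})
    return findings


# Constructed sample log: two ordinary requests and one oversized GET target.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Aug/1999:12:00:01 -0400] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.11 - - [10/Aug/1999:12:00:02 -0400] "POST /cgi-bin/form HTTP/1.0" 200 512',
    '198.51.100.7 - - [10/Aug/1999:12:00:03 -0400] "GET /' + "A" * 2000 + ' HTTP/1.0" 500 0',
]

if __name__ == "__main__":
    for f in find_long_gets(SAMPLE_LOG):
        print(f"line {f['line']}: {f['src']} sent GET with a "
              f"{f['length']}-byte target (status {f['status']})")
```

A request that crashes the server process may never be written to the access log at all, so a log check like this complements applying the vendor patch rather than replacing it.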
Netscape and ISS have collaborated to create a fix for the bug, in the form of the Enterprise 3.6 SP 2 SSL Handshake fix. It is available from Netscape at http://www.iplanet.com/downloads/patches/detail_12_86.html.
Separately, Netscape yesterday announced an encryption and security upgrade for Netscape Communicator 4.61, for use with Internet commerce sites, that is easier to download.
While previously Netscape users were required to download a full version of the browser to upgrade their level of encryption, the SmartUpdate service, at http://home.netscape.com/smartupdate, requires only a 36KBps file to provide 56-bit U.S. internationally exportable encryption or 128-bit U.S.-grade encryption.
Currently, 128-bit encryption is believed to be unbreakable, and 56-bit is the maximum the U.S. government will allow to be exported internationally due to security concerns.
This story from Infoworld.com Copyright © 1999 InfoWorld Media Group, Inc.