Flaws in Netscape, Cisco and Sophos

In three separate instances, Netscape fixed flaws in its latest browser, a researcher quit his job after he talked about security flaws in Cisco routers, and Sophos fixed a flaw in the current version of its software.

Netscape released an updated version of its Netscape 8 browser to fix a pair of ‘critical’ security flaws. The new version Netscape 8.0.3.1 takes care of two flaws that were previously disclosed and fixed in Firefox, the open-source Web browser on which Netscape 8 is based.

The updated release fixes only the most serious flaws that were fixed in Firefox 1.0.5. Ten less-serious flaws will be dealt with in another update due in the coming weeks. The flaw could be exploited remotely, and allowed an attacker to hijack a victim’s PC.

The Netscape update also fixes two other bugs, including one that could cause the browser to crash when downloading large images. Additionally, the update deals with some performance issues.

This revamp is the third since Netscape 8 was launched in May. A day after launching the Web browser and touting its security features, Netscape had to issue a new version to fix several serious security flaws. Then last month Netscape released an update to fix a bug that broke XML rendering in Microsoft’s Internet Explorer.

Elsewhere, Michael Lynn, a research analyst at Internet Security Systems (ISS), spoke at a Black Hat conference in the US about how unpatched Cisco routers can be remotely compromised. His revelation ignited a spate of lawsuits against Lynn and the conference.

Although Lynn’s planned technical talk and demo was abruptly cancelled, the researcher went ahead with the talk anyway. Lynn, who originally uncovered the problem, was asked to resign after his presentation, but said he felt compelled to reveal the information in the interest of his country and the national infrastructure.

Lynn did not publicly offer the specific code to carry out the attack which he said could be accomplished in several ways on unpatched Cisco routers, but he provided evidence of how it could be done. Lynn said he got some of his insights by reading information posted on Chinese hacker sites.

The Sophos flaw—a buffer overflow vulnerability—has been fixed in some current versions of Sophos products and will be patched in others. Companies running Sophos anti-Virus version 3.96.0 on Windows, Unix, NetWare, OS/2 and OpenVMS are not affected. Also unaffected is Sophos Anti-Virus 4.5.4.

The company didn’t give specifics, but the flaw is due to a heap overflow bug when analysing malformed files. An attacker could exploit the bug via a specially crafted e-mail attachment to execute malicious code and take over a system.