COMMAND

    Netscape Communicator 4.7

SYSTEMS AFFECTED

    Netscape Communicator 4.7 (NT/win2k)

PROBLEM

    dark spyrit found following.   Here's an exploit for the  4.7 hole
    released not so long ago.  Head to

        http://www.beavuh.org

    to test your system.   It has been tested  on NT only, but  should
    also work  on win2k..  the exploit  would need  recoding for  9x -
    More details are available on the page.

    Zach Thompson  tested this  vulnerability on  a Win2k Professional
    machine (AKA  WinNT WS  2000) running  the currently  downloadable
    version of Communicator 4.7 and found it to be vulnerable.   After
    executing the test  hyperlink on beavuh.org's  page on his  client
    machine, he was able telnet to  a remote shell on port 6968  of my
    client machine.

    One  thing  to  note  though.    After  clicking  on  this   link,
    Communicator stopped responding  and Zach let  it sit for  about 3
    minutes thinking it might come back.  Eventually he had to kill it
    with Task Manager.  After  killing Netscape, the remote shell  was
    lost  on   the  target   machine  and   the  Telnet   session  was
    disconnected.   This only  leaves a  small amount  of time for the
    malicious person to exploit the  remote shell before the end  user
    kills Netscape for not responding.

SOLUTION

    It  appears  Netscape  has  patched  the version that is currently
    available for download.