Unix users face Navigator bug

Netscape acknowledges a bug in its browser that could make users on the Unix operating system vulnerable to attack.

Paul Festa, Staff Writer, CNET News.com
Netscape Communications today acknowledged a bug in its Navigator browser that could make users on the Unix operating system vulnerable to attack.

A page describing the problem was posted to the Web this week by programmer Dan Brumleve. Brumleve recently discovered and demonstrated two Navigator privacy bugs, both of which revealed users' cache, browsing history, and other information.

The present bug allows a malicious programmer to flood the browser's MIME-type memory and cause the application to crash. Brumleve suggests that malicious code could then be caused to run on the victim's computer, but Netscape said no such exploit has been demonstrated.

The attack is launched when the user tries to download an attacker's plug-in. Netscape suggests that Unix users running Navigator work around the problem by setting preferences to present a warning before the plug-in can be downloaded: under application preferences, users should select unknown plug-ins (denoted by an asterisk), select the "edit" button, and set it to "unknown:prompt user."

Netscape said it would post a security alert on the bug today and that it was working on a fix. But Communicator product manager Micki Seibel said that, unless the company finds evidence that the hole has effectively been exploited, no special release of a patched browser would be issued ahead of schedule.

The bug affects versions 3.x, 4.0x, and 4.5 of the client for users on the Unix platform only.