Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Latest IE Hole Lets Gopher Root You

CmdrTaco posted more than 12 years ago | from the well-isn't-that-special dept.

Microsoft 567

rvaniwaa writes "Another hole in internet explorer has been discovered. This hole allows a hacker to root a user's computer whenever the user clicks on a gopher link. All versions of IE are affected and a Microsoft spokesman stated that the company is "moving forward on the investigation with all due speed""

cancel ×


Sorry! There are no comments related to the filter you selected.

My thoughts: (2, Insightful)

FortKnox (169099) | more than 12 years ago | (#3644860)

Written in one of my journal entries [] .

See if this story follows pattern (I think it will).

Re:My thoughts: (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3645006)

You're right.

I must admit, I find Slashdot more useful for supporting my Windows users than my Linux users. For Windows, we get up-to-the minute bug alerts - sometimes faster than the mailing list I'm on (non-MS), for Linux we get... point oh minor build releases of kernels.

Whoopee doo... what a great site :o( Does this not go to show that in actual fact, Linux users are a bunch of boring geeks that get stroppy with people who are different and think that by reading other people's 'interesting' stories make them interesting too? This isn't true, but that's the impression I get.

Re:My thoughts: (-1, Troll)

MaxVlast (103795) | more than 12 years ago | (#3645032)

No, that's actually about spot-on.

Re:My thoughts: (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3645040)

geeez... 7 downmods from all my past posts. Go editors!

Re:My thoughts: (1)

jeffy124 (453342) | more than 12 years ago | (#3645045)

couldnt agree more with your comment "MS gets railed on for products that either no one (in the audience) has tried, or no one has tried for years."

Especially since the average web user wont run into gopher, that statement holds true. Even for non-average users, they still dont run into it. I think one comment asks how many people use it - three?

Too damn obvious (5, Funny)

CaseyB (1105) | more than 12 years ago | (#3644861)

Let the "gopher hole" jokes begin.

Re:Too damn obvious (2, Funny)

Bob McCown (8411) | more than 12 years ago | (#3644935)


Here's one []

Re:Too damn obvious (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3644944)

You mean like Richard Gere? No wait.. that was a hamster.

Re:Too damn obvious (1, Redundant)

garcia (6573) | more than 12 years ago | (#3645027)

Dude, he said there would be 6 months before the next security hole was patched!

Re:Too damn obvious (1)

GrenDel Fuego (2558) | more than 12 years ago | (#3645064)

Thinking about groundhogs?

Re:Too damn obvious (0, Troll)

purpledinoz (573045) | more than 12 years ago | (#3645042)

I hope they plug this Gopher hole real fast.

Re:Too damn obvious (1)

InnereNacht (529021) | more than 12 years ago | (#3645062)

Let me tell you, theres nothing worse than a hostile gopher hole.


Anonymous Coward | more than 12 years ago | (#3644862)

Don't you think open source software would be more popular if it were advocated by girls [] like this [] instead of old guys with beards? What we need are more free software babes [] like her [] . This guy looks like he is about to cream his pants standing next to such a fox [] . If we do have to have the old guys with beards, we could at least make sure they are plenty of hot chicks [] too. I mean just look at this girl [] ! Doesn't she [] make you hard? I know this little hottie [] floats my boat!

Join the campaign for more cute open source babes today!


IAgreeWithThisPost (550896) | more than 12 years ago | (#3644915)

wow you're trying hard to get her attention. You must be really head over heels for this 14 year old.


hatrisc (555862) | more than 12 years ago | (#3644962)

yeah.. to bad my girlfriend isn't into opensource, or computers... then again, would i really want al l you guys gawking at her?? and then trying to grep her digits or something similar...

Watch out! (-1)

Thud457 (234763) | more than 12 years ago | (#3645029)

From the looks of some of those pictures, it looks like the attraction for her is the daemonic aspect, not the free software ideology.
She's probably some closet Satan worshiper who'll literally cut your heart out with a knife. And then fuck the goat. Not exactly how I like my dates to end!

Not thursday yet (1, Funny)

Gyorg_Lavode (520114) | more than 12 years ago | (#3644863)

Humm, it's early this week.

are there still any gpher severs out there? (0, Offtopic)

g0hare (565322) | more than 12 years ago | (#3644865)

I haven't seen one in ages 1st post too

All three gopher links left.. (2, Interesting)

sphealey (2855) | more than 12 years ago | (#3644867)

Speaking as a person who used to use gopher quite a bit - how many gopher links are left on the WWW? Three?


Re:All three gopher links left.. (5, Insightful)

linderdm (127168) | more than 12 years ago | (#3644894)

I agree that there may not be many gopher links that look like gopher links, but what stops the malicious from disquising their gopher links to look like regular hrefs?

Re:All three gopher links left.. (2)

Jason Earl (1894) | more than 12 years ago | (#3644898)

Of course if all you need to do to take over an IE users computer is run a gopher server and get some hapless schmoe to click on a gopher link you can bet there will be a sudden resurgence in this venerable protocol. I imagine mixing in a link in pornography spam would probably net you quite a few computers. Some of them would almost certainly have useful information.

Re:All three gopher links left.. (3, Interesting)

shadow303 (446306) | more than 12 years ago | (#3644928)

Funny you should mention a resurgence. I just found this manifesto of people wanting to revive gopher. sto

Re:All three gopher links left.. (2)

zangdesign (462534) | more than 12 years ago | (#3645015)

What would be the advantages of reviving gopher? I can't think of any.

Re:All three gopher links left.. (2)

Lord Omlette (124579) | more than 12 years ago | (#3644979)

1. This is all the evidence Jon Katz needs to prove that Gopher is making a comeback and it's hackers like us who are doing it and we will overthrow the digerati and the ??AA and it could only be possible in a post 9/11 world.

2. Since gopher's used very rarely, if at all anymore, that's probably why MS hadn't bothered to keep the code up to date. /Gs isn't all it's cracked up to be :(

Re:All three gopher links left.. (5, Informative)

Simon Brooke (45012) | more than 12 years ago | (#3645025)

Speaking as a person who used to use gopher quite a bit - how many gopher links are left on the WWW? Three?

That really isn't the point. It would not take many minutes to put up a gopher server with a Win 32 rootkit as content, and then put an innocent but interesting looking link into a web page ('free live world cup scores' would do nicely just now) with an href pointing to that server, and, ideally, one of those annoying JavaScript scrollers in the browser status display to prevent the user from noticing they're about to click a gopher link, and, hey! That's a few more suckers rooted. It will probably go through most firewalls, too.

If you (or your organisation) still use Internet Explorer, I would treat this as serious. Change your default IE install to have gopher point to a safe machine of your own; block gopher at your firewall; and, ideally, switch to Opera 6, Netscape 6, or Mozilla as your organisation's default browser.

This isn't going to be the last security hole found in IE.

Re:All three gopher links left.. (2)

Zocalo (252965) | more than 12 years ago | (#3645056)

There are over a million Gopher links according to Google [] . Which, I have to admit, is a few orders of magnitude more than what I was expecting.

Hmm. Now I'm going all nostalgic for Archie, Veronica and WAIS. Well, maybe not WAIS.

!!!GO USA!!! (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3644868)

Are we going to have the best soccer teams now also?

I almost feel sorry for the rest of the world, we are kicking their ass in every political, social, education, and economic category..

and now we are schooling them in their own sports? BAHAHAH!

Whats left, world rugby and cricket champions?


Re:!!!GO USA!!! (-1)

Whistler's Mother (539004) | more than 12 years ago | (#3644901)

I think our baseball players would make great cricket players, loaded with steriods and all.... I vote for Cricket in High Schools and Cricket as an NCAA sport.

Re:!!!GO USA!!! (-1, Flamebait)

youngerpants (255314) | more than 12 years ago | (#3645001)

Ahhh, how refreshing

only a true redneck could even begin to assume that America "kicks ass" in "every political, social, education, and economic category"

lets tackle these one at a time shall we;

Political -- Have you seen the brain dead psycho who YOU voted in

Social -- Absolutly. I couldnt agree more with a country who would watch someone die in the street if they couldnt afford health care

Education -- Dont make me laugh. Your high school examinations would be aced by an 11 year old in Europe (BTW, its Maths, not Math)

Economic -- True, The good ole' U S of A is the largest economy on the planet due to its sheer size, so how come a country the size of you smallest state is the fourth largest economy (thats the UK by the way, I think you'll find we invented the computer)

Sorry to flame, but you realy must be some kind of moron to rant about "Go USA!" in a technology BBS. Its people like you who keep the barriers in place instead of smashing them down. No doubt you think I am some kind of "Commie", but you probably didnt hear that the cold war ended.


Re:!!!GO USA!!! (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3645059)

Evidently, you do not kick ass in the brain department.

You won one game of football. In my 1986 World Cup sticker book, you were relegated to a half page - each sticker had 2 players on it. You were that bad. You will continue to be bad too, because in football, when you get cocky like you, you tend to lose and feel like crap afterwards.

Although as a young footballing nation, you wouldn't know about that, would you? And rugby? You'd need padding mate, or you'd cry!

Gopher? (1)

TV-SET (84200) | more than 12 years ago | (#3644869)

The fact that this bug was found makes me feel like someone is still using gopher. :) Haven't seen such person in a while myself.

More info... (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3644870)

here: Gopher hole [] .

hostile Gopher site? (4, Funny)

Fantanicity (583135) | more than 12 years ago | (#3644872)

"hostile Gopher site"? Ouch ... I think shall wear kevlar underpants while using IE in future.

And how's that working for ya? (4, Funny)

jimmu (227057) | more than 12 years ago | (#3644873)

From the article:

In January, Microsoft Chairman Bill Gates instructed employees to make software security a top priority.

Yeah, looks like everythings moving full steam ahead on that front.

Re:And how's that working for ya? (4, Insightful)

liquidsin (398151) | more than 12 years ago | (#3645046)

Hey, cut them some slack. It only took five months to find a hole in a protocol that nobody's used, eight years? We should have all the IE/Outlook bugs patched up sometime around 2026.

...and yet (2)

rknop (240417) | more than 12 years ago | (#3644874)

And yet, despite regular reports like this, posters on Slashdot keep asking why anybody who "cares about the web" would bother using a browser other than IE, and suggest that somebody who wants to use another browser (and, heavens, support cross-platfrom and cross-platfrom browsers) is a naive moralistic high-horse-rider who needs to wake up and get with the program.

With the program doesn't look like a very nice place to get to me....


Re:...and yet (2, Insightful)

Fantanicity (583135) | more than 12 years ago | (#3644903)

When are the writers of other browsers going to release the documentation proving that the gopher handling code has been security auditted, that sufficient gopher testcases have been built, and that the browser passed all the gopher handling tests?

The reason there are aren't reports of security holes in gopher code in other browers is that no-one has looked, not that the holes don't exist.

Re:...and yet (0)

Anonymous Coward | more than 12 years ago | (#3645036)

Another Micros**t employee!

**Sigh...** (2, Insightful)

TweeKinDaBahx (583007) | more than 12 years ago | (#3644973)

Most of the other browsers have security holes found in them from time to time as well, but most of the kind crackers out there seems to take a diabolical pleasure in focusing on IE (and since it's one of the core technologies of it, Windows...). If people spent as much time trying to break many of the other Browsers out there, I'm sure they would find they're all their own brand of swiss cheese.

No software is rock solid, even when it's written to be. There's always a european teenager with way too much time on their hands just waiting to turn you Titanium fortress into a window screen...

Re:**Sigh...** (0)

Anonymous Coward | more than 12 years ago | (#3645019)

european? Don't all teenage crackers come from Canada?

Re:...and yet (1)

rikkards (98006) | more than 12 years ago | (#3645050)

<SARCASM> I find it funny that RedHat errata can come down the pipe and it never gets a main page posting. I mean sometimes I wonder if Microsoft is being isolated as a target for ridicule </SARCASM>
Granted Microsoft has not always been forthcoming with security alerts but hell even since 98 with WindowsUpdate you can more or less stay on top of these.

Trying not to get this modded as flamebait

New MS Hacker Slogan (5, Funny)

Anonymous Coward | more than 12 years ago | (#3644876)

"Where do you want to gopher today?"

whoa! (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3644880)


Re:whoa! (-1, Offtopic)

hatrisc (555862) | more than 12 years ago | (#3644988)

hmm.. as if first post! wasn't short enough, it's not fp! hehe.. i love slashdot

ObCaddyshack: (3, Funny)

kafka93 (243640) | more than 12 years ago | (#3644882)

"I smell varmint poontang, and the only good varmint poontang is dead varmint poontang, I think."

Thank God (1, Offtopic)

Wind_Walker (83965) | more than 12 years ago | (#3644883)

I'm just happy that it doesn't crash the browser when you click on a Dancing Hampsters [] .

And we all know (1, Funny)

TheDick (453572) | more than 12 years ago | (#3644885)

How damn common those gopher links are, I click on hundreds per day, whatever am I going to do?

Use Archie!

Re:And we all know (0)

Anonymous Coward | more than 12 years ago | (#3644976)

And we all know How damn common those gopher links are, I click on hundreds per day, whatever am I going to do?

Alright genious. How about if I set up a gopher server and send you a disguised link for turtle porn? I'm sure you'd be all over that link, and likewise, I'll have your r00t.


Honestly.... (1)

qurob (543434) | more than 12 years ago | (#3644890)

Who the hell uses Gopher anymore, especialy 'doze newbies?

...on an almost regular basis (1)

LISNews (150412) | more than 12 years ago | (#3644891)

"After being embarrassed on an almost regular basis by security flaws in its products -- including a debilitating problem found in its latest Windows XP operating system just days after its release -- Microsoft began a companywide training program on security issues earlier this year."


more holes (1)

lokor (574096) | more than 12 years ago | (#3644893)

I can see thrue IE

On a vaguely related note (1)

Echemus (49002) | more than 12 years ago | (#3644895)

What has happened to gopher?
Is there still a large number of gopher sites out there or has it really died a death having succumb to the "world wide web"?

I suppose it is why the bug wasn't discovered before. 90% of current Internet users probably never used gopher or have even heard of it.

Re:On a vaguely related note (1)

Quixotic Raindrop (443129) | more than 12 years ago | (#3645013)

Actually, a lot of sites are still using gopher, in particular education, library, and government sites that simply make gopher:// accessible through an html file. I have run across a number of them while doing various kinds of academic research.

Sure, it's not as prevelant now as it was in 1991, but it still provides access to a fair amount of 'Net-accessible information.

well you can't expect... (5, Funny)

arson1 (527855) | more than 12 years ago | (#3644897)

Well you can't expect Microsoft to keep up with all these new technologies and formats!

Wow... (2, Troll)

TweeKinDaBahx (583007) | more than 12 years ago | (#3644899)

...I can only imagine how someone found this one.

However dangerous this hole may be, there are a few reasons why it probably won't create an end of the world scenario, most imporatant of these that gopher is absolutly archaic. I personally havn't seen a gopher server since 1996 (at MIT).

Second, as always, Microsoft will have a patch out fairly quickly, which is more that can be said for mozilla half of the time...

*Ducks and covers due to flying penguins*

Re:Wow... (1)

kafka93 (243640) | more than 12 years ago | (#3644924)

All it takes is for someone to set up a dodgy gopher server to exploit the problem, send out a few thousand emails (or include a link or whatnot in an otherwise harmless outlook email virus, etc.) for this to become rather more of an issue.

Think of an "I love you" variant - "click on this link to pick up your card!", for example - and the problem quickly becomes larger.

Re:Wow... (1)

TweeKinDaBahx (583007) | more than 12 years ago | (#3644993)

This is true, but I was just trying to make a point.

The guy who found this hole needs to go outside DURING THE DAY!


kids these days (1)

Jacer (574383) | more than 12 years ago | (#3644904)

i've no clue what gopher is...........however i'd thank you kindly to stay away from MY gopher hole!

The remedy (5, Informative)

sh0rtie (455432) | more than 12 years ago | (#3644908)

To protect from potential exploiting, you can temporarily disable the gopher
protocol like this:

Go to Tools -> Internet options -> Connections. Click on "LAN settings".
Check "Use a proxy server for your LAN". Click on "Advanced...".

Go to the Gopher text field
and enter "localhost", and "1" in the port field. This will stop Internet
Explorer from showing and processing any gopher pages.

this will protect you for now, at least until M$ pull their finger out

Or... (2, Insightful)

Robber Baron (112304) | more than 12 years ago | (#3644941)

Don't use IE!

Re:Or... (0)

Anonymous Coward | more than 12 years ago | (#3645068)

Too bad that I have to use MSIE at work - I'm sure I'm not the only one who has to, either.

Other remedy (0)

Anonymous Coward | more than 12 years ago | (#3644961)

Press alt+F4 whenever the IE splash screen comes up.

First Linux is Dying Post (-1)

Jon Katz on Tuesday (578508) | more than 12 years ago | (#3644909)

The following information requested it be free:

A conservative U.S. think tank suggests in an upcoming report that open-source s
oftware is inherently less secure than proprietary software, and warns governmen
ts against relying on it for national security.

The white paper, Opening the Open Source Debate, from the Alexis de Tocqueville
Institution (ADTI) will suggest that open source opens the gates to hackers and

"Terrorists trying to hack or disrupt U.S. computer networks might find it easi
er if the federal government attempts to switch to 'open source' as some groups
propose," ADTI said in a statement released ahead of the report.

Open-source software is freely available for distribution and modification, as l
ong as the modified software is itself available under open-source terms. The Li
nux operating system is the best-known example of open source, having become pop
ular in the Web server market because of its stability and low cost.

Many researchers have also suggested that since a large community contributes to
and scrutinizes open-source code, security holes are less likely to occur than
in proprietary software, and can be caught and fixed more quickly.

The ADTI white paper, to be released next week, will take the opposite line, out
lining "how open source might facilitate efforts to disrupt or sabotage electro
nic commerce, air traffic control or even sensitive surveillance systems," the
institute said.

"Computer systems are the backbone to U.S. national security," said ADTI Chair
man Gregory Fossedal. "Before the Pentagon and other federal agencies make unin
formed decisions to alter the very foundation of computer security, they should
study the potential consequences carefully."

fun (0)

Anonymous Coward | more than 12 years ago | (#3644910)

so where's an exploit?

Yay I'M SAFE! (2, Funny)

ramdac (302865) | more than 12 years ago | (#3644917)

I don't have a root user...this must mean my M$ machine is perfectly safe!?

Very funny. (1)

Ted Maul (582118) | more than 12 years ago | (#3644982)

The sad thing is, so much stuff doesn't work on NT/2000/XP if you're not a local admin. How many apps out there feel the need to store their stuff in HKLM? Crap really.

Gopher? (1)

salsashrk (573024) | more than 12 years ago | (#3644920)

Due to the currently proliferation of gopher sites still left on the internet, this could be the death knell for Microsoft!!

Seriously, why is this even newsworthy? It's like bitching that the Titanic might need the watertight compartment partitions to extend a little higher than E-Deck in the future..

Stats, anyone? (4, Interesting)

DesScorp (410532) | more than 12 years ago | (#3644925)

Has anyone ever tried to compile stats on security holes in browsers? What I'd like to see is a comparison of browsers in this case, with each version listed with the various vulnerabilities found? Obviously, IE is going to come out on top here, but I'd be interested to see such a list anyway. I've looked around the SANS site and didn't see anything like that. I'd even settle for a short summary. Something like IE has X amount of holes, Netscape has Y amount of holes, Opera has Z amount, and so on.

Re:Stats, anyone? (5, Informative)

sh0rtie (455432) | more than 12 years ago | (#3645026)

Yep this site specialises in just that
Here []

also George Guninski does some research here
Here []

and Mr Malware
Here []

just a routine (0)

OklaKid (552472) | more than 12 years ago | (#3644926)

what a track record, M$ IE get its weekly updates, and it is closed source, like hiding sourcode will make it more secure heres proof that is a M$ lie...

Microsoft = Distrust (0)

way_out_on_the_dark_ (583525) | more than 12 years ago | (#3644927)

When will people realize the true nature of Microsoft? Write dirty code quickly and cheaply just so they can wreap the riches when it is time to upgrade.

I still laugh every time I read this quote "In January, Microsoft Chairman Bill Gates instructed employees to make software security a top priority."

How can you make security a top priority when security has not been a priority for so long? Security is started at the lowest level and in the beginning and it is layered on as thick as you can. It is impossible to fix all the holes out there when you don't even know if the kernel is secure.

Scoop! (1)

UncleAlias (157955) | more than 12 years ago | (#3644936)

There are still gopher links around!

Gopher, gopher.... (2, Funny)

mrgrey (319015) | more than 12 years ago | (#3644940)

I think I read about that in one of my CS books....I recall the prof telling us not needing to retain the information.

Does this remind anyone of anything.. (0)

Anonymous Coward | more than 12 years ago | (#3644960)

99 bugs in Explorer, no more, 99 bugs in the code, take one down, patch it around, 100 bugs in Explorer, no more.

100 bugs in Explorer, no more, 100 bugs in the code, take one down, patch it around, 101 bugs in Explorer, no more.

..and so on.

Jack Valenti == Mr. Burns (-1)

Thud457 (234763) | more than 12 years ago | (#3644966)

"My fellow Americans. As a young boy, I dreamed of being a baseball,
but tonight I say, we must move forward, not backward,
upward not forward,
and always twirling, twirling, twirling towards freedom.
-- Kodos gives a speech, "Treehouse of Horror VII"

Oz slang (0)

Anonymous Coward | more than 12 years ago | (#3644971)

This article's title has a different meaning in Oz.

Test (1)

Fantanicity (583135) | more than 12 years ago | (#3644989)

How does Slashdot display Gopher [] links?

Great! (2, Funny)

Ibjr (570729) | more than 12 years ago | (#3644990)

A Gopher has rooted a hole in you! Wow, slashdot stories are funny again!

Online Solutions' page (3, Informative)

Radnor (4434) | more than 12 years ago | (#3644994)

Here [] is the page from Online Solutions which details the bug, as well as a workaround and a gopher link to test IE's vulnerability.

If This Was Konqueror Instead of IE (-1)

egg troll (515396) | more than 12 years ago | (#3644996)

If this hole had been found in an OpenSource browser instead of IE, the Slashbots would be all aflutter about how a dangerous bug was found since the source code was available. However, since its Microsoft lets be hypocrites and tear them apart. Sheesh.

well, thank goodness I got rid of win2k (-1, Offtopic)

orKiD (56535) | more than 12 years ago | (#3644997)

It's all linux on my machine, and I'm learning quickly that the MS way is not the only way. Even though it's tough adjusting, I bet I can do it :)

No more viruses though!

Moving at the speed of business (molassas) (0)

Anonymous Coward | more than 12 years ago | (#3645003)

A Microsoft spokesman who refused to be identified said Tuesday that the company is "moving forward on the investigation with all due speed" and will take the action that best serves its customers.


Although Gopher is considered an outdated format for Internet content, it is still supported by Internet Explorer and most other browsers.


And the spokesman added, "Responsible security researchers work with the vendor of a suspected vulnerability issue to ensure that countermeasures are developed before the issue is made public and customers are needlessly put at risk."

I wonder if they knew about this when gopher was new, but just never got around to patching it?

Mosaic Bug? (2)

cybermage (112274) | more than 12 years ago | (#3645005)

The article says this affects all versions of IE. I wonder if this hole dates all the way back to NCSA Mosaic. It'd be pretty funny if the hole is that old.

If this is, in fact, a NCSA Mosaic bug, it probably exists in Netscape thru version 4.x as well. I'd be pretty surprised if either company felt the need to alter the gopher code while they were busy fighting over http.

Ah the memories (1)

nurb432 (527695) | more than 12 years ago | (#3645007)

UUCP, Gopher, Archie.. Those were the days :)

Didnt know anyone was left out there in 'gopherspace'..

URL of ANY gopher site al all? (0)

Anonymous Coward | more than 12 years ago | (#3645009)

I have never seen one.
What does the URL look like?

Omg... (1)

SkyLeach (188871) | more than 12 years ago | (#3645011)

I hear that Elton John was starting a movement to protest the patching of this M$ "feature" before someone explained what "gopher" and "root" really ment.

Reminicent of the CHARGEN port problem (2)

iceT (68610) | more than 12 years ago | (#3645016)

Anyone remember the CHARGEN problem with IE3? Connect to the CharGen port, and IE would read and cache (in memory) until the PC crashed?

It's fun when MS figures out something new for the Internet...

Message from Osama to Mr..Gates (2)

AftanGustur (7715) | more than 12 years ago | (#3645020)

I love your stuff []

Gopher (-1)

Genghis Troll (158585) | more than 12 years ago | (#3645023)

Gur Vagrearg Tbcure Cebgbpby
(n qvfgevohgrq qbphzrag frnepu naq ergevriny cebgbpby)

Fgnghf bs guvf Zrzb
Guvf zrzb cebivqrf vasbezngvba sbe gur Vagrearg pbzzhavgl. Vg qbrf abg fcrpvsl na Vagrearg fgnaqneq. Qvfgevohgvba bs guvf zrzb vf hayvzvgrq.

Gur Vagrearg Tbcure cebgbpby vf qrfvtarq sbe qvfgevohgrq qbphzrag frnepu naq ergevriny. Guvf qbphzrag qrfpevorf gur cebgbpby, yvfgf fbzr bs gur vzcyrzragngvbaf pheeragyl ninvynoyr, naq unf na bireivrj bs ubj gb vzcyrzrag arj pyvrag naq freire nccyvpngvbaf. Guvf qbphzrag vf nqncgrq sebz gur onfvp Vagrearg Tbcure cebgbpby qbphzrag svefg vffhrq ol gur Zvpebpbzchgre Pragre ng gur Havirefvgl bs Zvaarfbgn va 1991.

tbcure a. 1. Nal bs inevbhf fubeg gnvyrq, oheebjvat znzznyf bs gur snzvyl Trbzlvqnr, bs Abegu Nzrevpn. 2. (Nzre. pbyybd.) Angvir be vaunovgnag bs Zvaarfbgn: gur Tbcure Fgngr. 3. (Nzre. pbyybd.) Bar jub ehaf reenaqf, qbrf bqq-wbof, srgpurf be qryviref qbphzragf sbe bssvpr fgnss. 4. (pbzchgre grpu.) fbsgjner sbyybjvat n fvzcyr cebgbpby sbe oheebjvat guebhtu n GPC/VC vagrearg.

Gur Vagrearg Tbcure cebgbpby naq fbsgjner sbyybj n pyvrag-freire zbqry. Guvf cebgbpby nffhzrf n eryvnoyr qngn fgernz; GPC vf nffhzrq. Tbcure freiref fubhyq yvfgra ba cbeg 70 (cbeg 70 vf nffvtarq gb Vagrearg Tbcure ol VNAN). Qbphzragf erfvqr ba znal nhgbabzbhf freiref ba gur Vagrearg. Hfref eha pyvrag fbsgjner ba gurve qrfxgbc flfgrzf, pbaarpgvat gb n freire naq fraqvat gur freire n fryrpgbe (n yvar bs grkg, juvpu znl or rzcgl) ivn n GPC pbaarpgvba ng n jryy- xabja cbeg. Gur freire erfcbaqf jvgu n oybpx bs grkg grezvangrq ol n crevbq ba n yvar ol vgfrys naq pybfrf gur pbaarpgvba. Ab fgngr vf ergnvarq ol gur freire.

Cntr 2
Juvyr qbphzragf (naq freivprf) erfvqr ba znal freiref, Tbcure pyvrag fbsgjner cerfragf hfref jvgu n uvrenepul bs vgrzf naq qverpgbevrf zhpu yvxr n svyr flfgrz. Gur Tbcure vagresnpr vf qrfvtarq gb erfrzoyr n svyr flfgrz fvapr n svyr flfgrz vf n tbbq zbqry sbe betnavmvat qbphzragf naq freivprf; gur hfre frrf jung nzbhagf gb bar ovt argjbexrq vasbezngvba flfgrz pbagnvavat cevznevyl qbphzrag vgrzf, qverpgbel vgrzf, naq frnepu vgrzf (gur ynggre nyybjvat frnepurf sbe qbphzragf npebff fhofrgf bs gur vasbezngvba onfr).

Freiref erghea rvgure qverpgbel yvfgf be qbphzragf. Rnpu vgrz va n qverpgbel vf vqragvsvrq ol n glcr (gur xvaq bs bowrpg gur vgrz vf), hfre-ivfvoyr anzr (hfrq gb oebjfr naq fryrpg sebz yvfgvatf), na bcndhr fryrpgbe fgevat (glcvpnyyl pbagnvavat n cnguanzr hfrq ol gur qrfgvangvba ubfg gb ybpngr gur qrfverq bowrpg), n ubfg anzr (juvpu ubfg gb pbagnpg gb bognva guvf vgrz), naq na VC cbeg ahzore (gur cbeg ng juvpu gur freire cebprff yvfgraf sbe pbaarpgvbaf). Gur hfre bayl frrf gur hfre-ivfvoyr anzr. Gur pyvrag fbsgjner pna ybpngr naq ergevrir nal vgrz ol gur gevb bs fryrpgbe, ubfganzr, naq cbeg.

Gb hfr n frnepu vgrz, gur pyvrag fhozvgf n dhrel gb n fcrpvny xvaq bs Tbcure freire: n frnepu freire. Va guvf pnfr, gur pyvrag fraqf gur fryrpgbe fgevat (vs nal) naq gur yvfg bs jbeqf gb or zngpurq. Gur erfcbafr lvryqf "iveghny qverpgbel yvfgvatf" gung pbagnva vgrzf zngpuvat gur frnepu pevgrevn.

Tbcure freiref naq pyvragf rkvfg sbe nyy cbchyne cyngsbezf. Orpnhfr gur cebgbpby vf fb fcnefr naq fvzcyr, jevgvat freiref be pyvragf vf dhvpx naq fgenvtugsbejneq.

1 Vagebqhpgvba
Gur Vagrearg Tbcure cebgbpby vf qrfvtarq cevznevyl gb npg nf n qvfgevohgrq qbphzrag qryvirel flfgrz. Juvyr qbphzragf (naq freivprf) erfvqr ba znal freiref, Tbcure pyvrag fbsgjner cerfragf hfref jvgu n uvrenepul bs vgrzf naq qverpgbevrf zhpu yvxr n svyr flfgrz. Va snpg, gur Tbcure vagresnpr vf qrfvtarq gb erfrzoyr n svyr flfgrz fvapr n svyr flfgrz vf n tbbq zbqry sbe ybpngvat qbphzragf naq freivprf. Jul zbqry n pnzchf-jvqr vasbezngvba flfgrz nsgre n svyr flfgrz? Frireny ernfbaf:

(n) N uvrenepuvpny neenatrzrag bs vasbezngvba vf snzvyvne gb znal hfref. Uvrenepuvpny qverpgbevrf pbagnvavat vgrzf (fhpu nf qbphzragf, freiref, naq fhoqverpgbevrf) ner jvqryl hfrq va ryrpgebavp ohyyrgva obneqf naq bgure pnzchf-jvqr vasbezngvba flfgrzf. Crbcyr jub npprff n pnzchf-jvqr vasbezngvba freire jvyy rkcrpg fbzr fbeg bs uvrenepuvpny betnavmngvba gb gur vasbezngvba cerfragrq.

Cntr 3
(o) N svyr-flfgrz fglyr uvrenepul pna or rkcerffrq va n fvzcyr flagnk. Gur flagnk hfrq sbe gur vagrearg Tbcure cebgbpby vf rnfvyl haqrefgnaqnoyr, naq jnf qrfvtarq gb znxr qrohttvat freiref naq pyvragf rnfl. Lbh pna hfr Gryarg gb fvzhyngr na vagrearg Tbcure pyvrag'f erdhrfgf naq bofreir gur erfcbafrf sebz n freire. Fcrpvny checbfr fbsgjner gbbyf ner abg erdhverq. Ol xrrcvat gur flagnk bs gur cfrhqb-svyr flfgrz pyvrag/freire cebgbpby fvzcyr, jr pna nyfb npuvrir orggre cresbeznapr sbe n irel pbzzba hfre npgvivgl: oebjfvat guebhtu gur qverpgbel uvrenepul.

(p) Fvapr Tbcure bevtvangrq va n Havirefvgl frggvat, bar bs gur tbnyf jnf sbe qrcnegzragf gb unir gur bcgvba bs choyvfuvat vasbezngvba sebz gurve varkcrafvir qrfxgbc znpuvarf, naq fvapr zhpu bs gur vasbezngvba pna or cerfragrq nf fvzcyr grkg svyrf neenatrq va qverpgbevrf, n cebgbpby zbqryrq nsgre n svyr flfgrz unf vzzrqvngr hgvyvgl. Orpnhfr gurer pna or n qverpg znccvat sebz gur svyr flfgrz ba gur hfre'f qrfxgbc znpuvar gb gur qverpgbel fgehpgher choyvfurq ivn gur Tbcure cebgbpby, gur ceboyrz bs jevgvat freire fbsgjner sbe fybj qrfxgbc flfgrzf vf zvavzvmrq.

(q) N svyr flfgrz zrgncube vf rkgrafvoyr. Ol tvivat n "glcr" nggevohgr gb vgrzf va gur cfrhqb-svyr flfgrz, vg vf cbffvoyr gb nppbzzbqngr qbphzragf bgure guna fvzcyr grkg qbphzragf. Pbzcyrk qngnonfr freivprf pna or unaqyrq nf n frcnengr glcr bs vgrz. N svyr-flfgrz zrgncube qbrf abg ehyr bhg frnepu be qngnonfr-fglyr dhrevrf sbe npprff gb qbphzragf. N frnepu-freire glcr vf nyfb qrsvarq va guvf cfrhqb-svyr flfgrz. Fhpu freiref erghea "iveghny qverpgbevrf" be yvfg bs qbphzragf zngpuvat hfre fcrpvsvrq pevgrevn.

2 Gur vagrearg Tbcure Zbqry
N qrgnvyrq OAS eraqrevat bs gur vagrearg Tbcure flagnk vf ninvynoyr va gur nccraqvk...ohg n pybfr ernqvat bs gur nccraqvk znl abg or arprffnel gb haqrefgnaq gur vagrearg Tbcure cebgbpby.

Va rffrapr, gur Tbcure cebgbpby pbafvfgf bs n pyvrag pbaarpgvat gb n freire naq fraqvat gur freire n fryrpgbe (n yvar bs grkg, juvpu znl or rzcgl) ivn n GPC pbaarpgvba. Gur freire erfcbaqf jvgu n oybpx bs grkg grezvangrq jvgu n crevbq ba n yvar ol vgfrys, naq pybfrf gur pbaarpgvba. Ab fgngr vf ergnvarq ol gur freire orgjrra genafnpgvbaf jvgu n pyvrag. Gur fvzcyr angher bs gur cebgbpby fgrzf sebz gur arrq gb vzcyrzrag freiref naq pyvragf sbe gur fybj, fznyyre qrfxgbc pbzchgref (1 ZO Znpf naq QBF znpuvarf), dhvpxyl, naq rssvpvragyl.

Orybj vf n fvzcyr rknzcyr bs n pyvrag/freire vagrenpgvba; zber pbzcyrk vagrenpgvbaf ner qrnyg jvgu yngre. Nffhzr gung n "jryy- xabja" Tbcure freire (guvf znl or qhcyvpngrq, qrgnvyf ner qvfphffrq

Cntr 4
yngre) yvfgraf ng n jryy xabja cbeg sbe gur pnzchf (zhpu yvxr n qbznva-anzr freire). Gur bayl pbasvthengvba vasbezngvba gur pyvrag fbsgjner ergnvaf vf guvf freire'f anzr naq cbeg ahzore (va guvf rknzcyr gung znpuvar vf enjOvgf.zvpeb.hza.rqh naq gur cbeg 70). Va gur rknzcyr orybj gur S punenpgre qrabgrf gur GNO punenpgre.

Pyvrag: {Bcraf pbaarpgvba gb enjOvgf.zvpeb.hza.rqh ng cbeg 70}

Freire: {Npprcgf pbaarpgvba ohg fnlf abguvat}
Pyvrag: {Fraqf na rzcgl yvar: Zrnavat "yvfg jung lbh unir"}

Freire: {Fraqf n frevrf bs yvarf, rnpu raqvat jvgu PE YS}
0Nobhg vagrearg TbcureSFghss:Nobhg hfSenjOvgf.zvpeb.hza.rqhS70
1Nebhaq Havirefvgl bs ZvaarfbgnSM,5692,NHZShaqreqbt.zvpeb.hza.rqhS70
1Zvpebpbzchgre Arjf gurer ner n unaqshy zber bs gurfr punenpgref qrfpevorq yngre). Gur fhpprrqvat punenpgref hc gb gur gno sbez n hfre qvfcynl fgevat gb or fubja gb gur hfre sbe hfr va fryrpgvat guvf qbphzrag (be qverpgbel) sbe ergevriny. Gur svefg punenpgre bs gur yvar vf ernyyl qrsvavat gur glcr bs vgrz qrfpevorq ba guvf yvar. Va arneyl rirel pnfr, gur Tbcure pyvrag fbsgjner jvyy tvir gur hfref fbzr fbeg bs vqrn nobhg jung glcr bs vgrz guvf vf (ol qvfcynlvat na vpba, n fubeg grkg gnt, be gur yvxr).

Gur punenpgref sbyybjvat gur gno, hc gb gur arkg gno sbez n fryrpgbe fgevat gung gur pyvrag fbsgjner zhfg fraq gb gur freire gb ergevrir gur qbphzrag (be qverpgbel yvfgvat). Gur fryrpgbe fgevat fubhyq zrna abguvat gb gur pyvrag fbsgjner; vg fubhyq arire or zbqvsvrq ol gur pyvrag. Va cenpgvpr, gur fryrpgbe fgevat vf bsgra n cnguanzr be bgure svyr fryrpgbe hfrq ol gur freire gb ybpngr gur vgrz qrfverq. Gur arkg gjb gno qryvzvgrq svryqf qrabgr gur qbznva-anzr bs gur ubfg gung unf guvf qbphzrag (be qverpgbel), naq gur cbeg ng juvpu gb pbaarpg. Vs gurer ner lrg bgure gno qryvzvgrq svryqf, gur onfvp Tbcure pyvrag fubhyq vtaber gurz. N PE YS qrabgrf gur raq bs gur vgrz.

Cntr 5
Va gur rknzcyr, yvar 1 qrfpevorf n qbphzrag gur hfre jvyy frr nf "Nobhg vagrearg Tbcure". Gb ergevrir guvf qbphzrag, gur pyvrag fbsgjner zhfg fraq gur ergevriny fgevat: "Fghss:Nobhg hf" gb enjOvgf.zvpeb.hza.rqh ng cbeg 70. Vs gur pyvrag qbrf guvf, gur freire jvyy erfcbaq jvgu gur pbagragf bs gur qbphzrag, grezvangrq ol n crevbq ba n yvar ol vgfrys. N pyvrag zvtug cerfrag gur hfre jvgu n ivrj bs gur jbeyq fbzrguvat yvxr gur sbyybjvat yvfg bs vgrzf:

Nobhg Vagrearg Tbcure
Nebhaq gur Havirefvgl bs Zvaarfbgn...
Zvpebpbzchgre Arjf Znpvagbfu pyvragf qvfcynl qverpgbevrf nybatfvqr na vpba bs n sbyqre.

Gur hfre qbrf abg xabj be pner gung gur vgrzf hc sbe fryrpgvba znl erfvqr ba znal qvssrerag znpuvarf naljurer ba gur Vagrearg.

Fhccbfr gur hfre fryrpgf gur yvar "Zvpebpbzchgre Arjf gurl znl whfg cynpr n yvax gb gur frpbaqnel freiref va gurve bja cevznel freiref. Gurl znl vaqrrq cynpr yvaxf gb nal freiref gurl qrfver va gurve bja freire, guhf perngvat n phfgbzvmrq ivrj bs gurgur Tbcure vasbezngvba havirefr; yvaxf pna bs pbhefr cbvag onpx ng gur gbc-yriry freire. Gur iveghny (argjbexrq) svyr flfgrz vf gurersber na neovgenel tencu fgehpgher naq abg arprffnevyl n ebbgrq gerr. Gur gbc-yriry abqr vf zreryl bar pbairavrag, jryy-xabja cbvag bs ragel. N frg bs Tbcure freiref yvaxrq va guvf znaare znl shapgvba nf n pnzchf-jvqr vasbezngvba flfgrz.

Freiref znl bs pbhefr cbvag yvaxf ng bgure guna frpbaqnel freiref. Vaqrrq freiref znl cbvag ng bgure freiref bssrevat hfrshy freivprf naljurer ba gur vagrearg. Ivrjrq va guvf znaare, Tbcure pna or frra nf na Vagrearg-jvqr vasbezngvba flfgrz.

3.2 Freire cbegnovyvgl naq anzvat
Vg vf erpbzzraqrq gung nyy ertvfgrerq freiref unir nyvnf anzrf (qbznva anzr flfgrz PANZR) gung ner hfrq ol Tbcure pyvragf gb ybpngr gurz. Yvaxf gb gurfr freiref fubhyq hfr gurfr nyvnf anzrf engure guna gur cevznel anzrf. Vs vasbezngvba arrqf gb or zbirq sebz bar znpuvar gb nabgure, n fvzcyr punatr bs qbznva anzr flfgrz nyvnf (PANZR) nyybjf guvf gb bpphe jvgubhg nal erpbasvthengvba bs pyvragf va gur svryq. Va fubeg, gur qbznva anzr flfgrz znl or hfrq gb er-znc n freire gb n arj nqqerff. Gurer vf abguvat gb cerirag frpbaqnel freiref be freivprf sebz ehaavat ba bgurejvfr anzrq freiref be cbegf

Cntr 7
bgure guna 70, ubjrire gurfr fubhyq or ernpunoyr ivn n cevznel freire.

3.3 Pbagnpgvat freire nqzvavfgengbef
Vg vf erpbzzraqrq gung rirel freire nqzvavfgengbe unir n qbphzrag pnyyrq fbzrguvat yvxr: "Nobhg Obthf Havirefvgl'f Tbcure freire" nf gur svefg vgrz va gurve freire'f gbc yriry qverpgbel. Va guvf qbphzrag fubhyq or n fubeg qrfpevcgvba bs jung gur freire ubyqf, nf jryy nf anzr, nqqerff, cubar, naq na r-znvy nqqerff bs gur crefba jub nqzvavfgref gur freire. Guvf cebivqrf n jnl sbe hfref gb trg jbeq gb gur nqzvavfgengbe bs n freire gung unf vanpphengr vasbezngvba be vf abg ehaavat pbeerpgyl. Vg vf nyfb erpbzzraqrq gung nqzvavfgengbef cynpr gur qngr bs ynfg hcqngr va svyrf sbe juvpu fhpu vasbezngvba znggref gb gur hfref.

3.4 Zbqhyne nqqvgvba bs freivprf
Gur svefg punenpgre bs rnpu yvar va n freire-fhccyvrq qverpgbel yvfgvat vaqvpngrf jurgure gur vgrz vf n svyr (punenpgre '0'), n qverpgbel (punenpgre '1'), be n frnepu (punenpgre '7'). Guvf vf gur onfr frg bs vgrz glcrf va gur Tbcure cebgbpby. Vg vf qrfvenoyr sbe pyvragf gb or noyr gb hfr qvssrerag freivprf naq fcrnx qvssrerag cebgbpbyf (fvzcyr barf fhpu nf svatre; bguref fhpu nf PFB cubarobbx freivpr, be Gryarg, be K.500 qverpgbel freivpr) nf arrqf qvpgngr. PFB cubarobbx freivpr vf n pyvrag/freire cubarobbx flfgrz glcvpnyyl hfrq ng Havirefvgvrf gb choyvfu anzrf, r-znvy nqqerffrf, naq fb ba. Gur PFB cubarobbx fbsgjner jnf qrirybcrq ng gur Havirefvgl bs Vyyvabvf naq vf nyfb fbzrgvzrf ersrerq gb nf cu be dv. Sbe rknzcyr, vs n freire-fhccyvrq qverpgbel yvfgvat znexf n pregnva vgrz jvgu glcr punenpgre '2', gura vg zrnaf gung gb hfr guvf vgrz, gur pyvrag zhfg fcrnx gur PFB cebgbpby. Guvf erzbirf gur arrq gb or noyr gb nagvpvcngr nyy shgher arrqf naq uneq-jver gurz va gur onfvp Vagrearg Tbcure cebgbpby; vg xrrcf gur onfvp cebgbpby rkgerzryl fvzcyr. Va fcvgr bs guvf fvzcyvpvgl, gur fpurzr unf gur pncnovyvgl gb rkcnaq naq punatr jvgu gur gvzrf ol nqqvat na nterrq hcba glcr-punenpgre sbe n arj freivpr. Guvf nyfb nyybjf gur pyvrag vzcyrzragngvbaf gb ribyir va n zbqhyne snfuvba, fvzcqhyr (be ynhapuvat n arj cebprff) sbe fbzr arj freivpr. Gur freiref sbe gur arj freivpr bs pbhefr unir gb xabj abguvat nobhg Vagrearg Tbcure; gurl pna whfg or bss-gur furys PFB, K.500, be bgure freiref. Jr qb abg ubjrire, rapbhentr neovgenel be znpuvar-fcrpvsvp cebyvsrengvba bs freivpr glcrf va gur onfvp Tbcure cebgbpby.

Ba gur bgure unaq, fhofrgf bs bgure qbphzrag ergevriny fpurzrf znl or znccrq bagb gur Tbcure cebgbpby ol zrnaf bs "tngrjnl-freiref". Rknzcyrf bs fhpu freiref vapyhqr Tbcure-gb-SGC tngrjnlf, Tbcure-gb- nepuvr tngrjnlf, Tbcure-gb-JNVF tngrjnlf, rgp. Gurer ner n ahzore bs

Cntr 8
nqinagntrf bs fhpu zrpunavfzf. Svefg, n eryngviryl cbjreshy freire znpuvar vaurevgf obgu gur vagryyvtrapr naq jbex, engure guna gur zber zbqrfg, varkcrafvir qrfxgbc flfgrz gung glcvpnyyl ehaf pyvrag fbsgjner be onfvp freire fbsgjner. Rdhnyyl vzcbegnag, pyvragf qb abg unir gb or zbqvsvrq gb gnxr nqinagntr bs n arj erfbhepr.

3.5 Ohvyqvat pyvragf
N pyvrag fvzcyl fraqf gur ergevriny fgevat gb n freire vs vg jnagf gb ergevrir n qbphzrag be ivrj gur pbagragf bs n qverpgbel. Bs pbhefr, rnpu ubfg znl unir cbvagref gb bgure ubfgf, erfhygvat va n "tencu" (abg arprffnevyl n ebbgrq gerr) bs ubfgf. Gur pyvrag fbsgjner znl fnir (be engure "fgnpx") gur ybpngvbaf gung vg unf ivfvgrq va frnepu bs n qbphzrag. Gur hfre pbhyq gurersber onpx bhg bs gur pheerag ybpngvba ol hajvaqvat gur fgnpx. Nygreangviryl, n pyvrag jvgu zhygvcyr-jvaqbj pncnovyvgl zvtug whfg or noyr gb qvfcynl zber guna bar qverpgbel be qbphzrag ng gur fnzr gvzr.

N fzneg pyvrag pbhyq pnpur gur pbagragf bs ivfvgrq qverpgbevrf (engure guna whfg gur qverpgbel'f vgrz qrfpevcgbe), guhf nibvqvat argjbex genafnpgvbaf vs gur vasbezngvba unf orra cerivbhfyl ergevrirq.

Vs n pyvrag qbrf abg haqrefgnaq jung n fnl, glcr 'O' vgrz (abg n pber vgrz) vf, gura vg znl fvzcyl vtaber gur vgrz va gur qverpgbel yvfgvat; gur hfre arire rira unf gb frr vg. Nygreangviryl, gur vgrz pbhyq or qvfcynlrq nf na haxabja glcr.

Gbc-yriry be cevznel freiref sbe n pnzchf ner yvxryl gb trg zber genssvp guna frpbaqnel freiref, naq vg jbhyq or yrff gbyrenoyr sbe fhpu cevznel freiref gb or qbja sbe nal ybat gvzr. Fb vg znxrf frafr gb "pybar" fhpu vzcbegnag freiref naq pbafgehpg pyvragf gung pna enaqbzyl pubbfr orgjrra gjb fhpu rdhvinyrag cevznel freiref jura gurl svefg pbaarpg (gb onynapr freire ybnq), zbivat gb bar vs gur bgure frrzf gb or qbja. Va snpg, fzneg pyvrag vzcyrzragngvbaf qb guvf pybar freire naq ybnq onynapvat. Nygreangviryl, vg znl znxr frafr gb unir gur qbznva anzr flfgrz erghea bar bs n frg bs erqhaqnag bs freire'f VC nqqerff gb ybnq onynapr orgjra erqhaqnag frgf bs vzcbegnag freiref.

3.6 Ohvyqvat beqvanel vagrearg Tbcure freiref
Gur ergevriny fgevat frag gb gur freire zvtug or n cngu gb n svyr be qverpgbel. Vg zvtug or gur anzr bs n fpevcg, na nccyvpngvba be rira n dhrel gung trarengrf gur qbphzrag be qverpgbel erghearq. Gur onfvp freire hfrf gur fgevat vg trgf hc gb ohg abg vapyhqvat n PE-YS be n GNO, juvpurire pbzrf svefg.

Cntr 9
Nyy vagryyvtrapr vf pneevrq ol gur freire vzcyrzragngvba engure guna gur cebgbpby. Jung lbh ohvyq vagy freire glcrf (orlbaq gur abezny Tbcure freire) nyfb qvfphffrq orybj:

1 N freire qverpgbel yvfgvat pna cbvag ng n PFB anzrfreire (gur
freire ergheaf n glcr punenpgre bs '2') gb nyybj n pnzchf fghqrag-fgnss cubarobbx ybbxhc freivpr. Guvf znl fubj hc ba gur hfre'f yvfg bs pubvprf, creuncf cerprqrq ol gur vpba bs n cubar- obbx. Vs guvf vgrz vf fryrpgrq, gur pyvrag fbsgjner zhfg erfbeg gb n cher PFB anzrfreire cebgbpby jura vg pbaarpgf gb gur nccebcevngr ubfg.

2 N freire pna nyfb cbvag ng n "frnepu freire" (ergheaf n svefg
punenpgre bs '7'). Fhpu freiref znl vzcyrzrag pnzchf argjbex (be fhoarg) jvqr frnepuvat pncnovyvgl. Gur zbfg pbzzba frnepu freiref znvagnva shyy-grkg vaqrkrf ba gur pbagragf bs grkg qbphzragf uryq ol fbzr fhofrg bs Tbcure freiref. Fhpu n "shyy-grkg frnepu freire" erfcbaqf gb pyvrag erdhrfgf jvgu n yvfg bs nyy qbphzragf gung pbagnva bar be zber jbeqf (gur frnepu pevgrevn). Gur pyvrag fraqf gur freire gur fryrpgbe fgevat, n gno, naq gur frnepu fgevat (jbeqf gb frnepu sbe). Vs gur fryrpgbe fgevat vf rzcgl, gur pyvrag zreryl fraqf gur frnepu fgevat. Gur freire ergheaf gur rdhvinyrag bs n qverpgbel yvfgvat sbe qbphzragf zngpuvat gur frnepu pevgrevn. Fcnprf orgjrra jbeqf ner hfhnyyl vzcyvrq Obbyrna NAQf (nygubhtu va qvssrerag vzcyrzragngvbaf be frnepu glcrf, guvf znl abg arprffnevyl or gehr).
Gur PFB nqqvgvba rkvfgf sbe uvfgbevpny ernfbaf: ng gvzr bs qrfvta, gur pnzchf cubar-obbx freiref ng gur Havirefvgl bs Zvaarfbgn hfrq gur PFB cebgbpby naq vg frrzrq fvzcyrfg gb whfg rathys gurz. Gur vaqrk- freire vf ubjrire irel zhpu n Tbcure va fcvevg, nyorvg jvgu n fyvtug gjvfg va gur zrnavat bs gur fryrpgbe-fgevat. Vaqrk freiref ner n angheny cynpr gb vapbecrengr tngrjnlf gb JNVF naq JUBVF freivprf.

3.7.1 Ohvyqvat PFB-freiref
N PFB Anzrfreire vzcyrzragngvba sbe HAVK naq nffbpvngrq qbphzragngvba vf ninvynoyr ol nabalzbhf sgc sebz hkn.pfb.hvhp.rqh. Jr qb abg nagvpvcngr vzcyrzragvat vg ba bgure znpuvarf.

Cntr 10

3.7.2 Ohvyqvat shyy-grkg frnepu freiref
N shyy-grkg frnepu freire vf n fcrpvny-checbfr freire gung xabjf nobhg gur Tbcure fpurzr sbe ergevrivat qbphzragf. Gurfr freiref znvagnva n shyy-grkg vaqrk bs gur pbagragf bs cynva grkg qbphzragf ba Tbcure freiref va fbzr fcrpvsvrq qbznva. N Tbcure shyy-grkg frnepu freire jnf vzcyrzragrq hfvat frireny ArKGfgngvbaf orpnhfr vg jnf rnfl gb gnxr nqinagntr bs gur shyy-grkg vaqrk/frnepu ratvar ohvyg vagb gur ArKG flfgrz fbsgjner. N frnepu freire sbe trarevp HAVK flfgrzf onfrq ba gur choyvp qbznva JNVF frnepu ratvar, vf nyfb ninvynoyr naq pheeragyl na bcgvbany cneg bs gur HAVK tbcure freire. Va nqqvgvba, ng yrnfg bar vzcyrzragngvba bs gur tbcure freire vapbecrengrf n tngrjnl gb JNVF freiref ol cerfragvat gur JNVF freiref gb tbcurefcnpr nf shyy-grkg frnepu freiref. Gur tbcureJNVF tngrjnl freiref qbrf gur jbex bs genafyngvat sebz tbcure cebgbpby gb JNVF fb hazbqvsvrq tbcure pyvragf pna npprff JNVF freiref ivn gur tngrjnl freire.

Ol hfvat frireny vaqrk freiref (engure guna n zbabyvguvp vaqrk freire) vaqrkrf znl or frnepurq va cnenyyry (nygubhtu gur pyvrag fbsgjner vf abg njner bs guvf). Juvyr znvagnvavat shyy-grkg vaqrkrf bs qbphzragf qvfgevohgrq bire znal znpuvarf znl frrz n qnhagvat gnfx, gur gnfx pna or oebxra vagb fznyyre cvrprf (hcqngr bayl n cbegvba bs gur vaqrkrf, frnepu frireny cnegvny vaqrkrf va cnenenyyryvfz. Ntnva, gur pyvrag fbsgjner vf abg njner bs guvf. Pyvrag fbsgjner bayl arrqf gb xabj gung vg pna fraq n frnepu fgevat gb na vaqrk freire naq jvyy erprvir n yvfg bs qbphzragf gung pbagnva gur jbeqf va gur frnepu fgevat.

3.8 Vgrz glcr punenpgref
Gur pyvrag fbsgjner qrpvqrf jung vgrzf ner ninvynoyr ol ybbxvat ng gur svefg punenpgre bs rnpu yvar va n qverpgbel yvfgvat. Nhtzragvat guvf yvfg pna rkgraq gur cebgbpby. N yvfg bs qrsvarq vgrz-glcr punenpgref sbyybjf:

0 Vgrz vf n svyr
1 Vgrz vf n qverpgbel
2 Vgrz vf n PFB cubar-obbx freire
3 Reebe
4 Vgrz vf n OvaUrkrq Znpvagbfu svyr.
5 Vgrz vf QBF ovanel nepuvir bs fbzr fbeg.
Pyvrag zhfg ernq hagvy gur GPC pbaarpgvba pybfrf. Orjner.
6 Vgrz vf n HAVK hhrapbqrq svyr.
7 Vgrz vf na Vaqrk-Frnepu freire.
8 Vgrz cbvagf gb n grkg-onfrq gryarg frffvba.
9 Vgrz vf n ovanel svyr!

Cntr 11
Pyvrag zhfg ernq hagvy gur GPC pbaarpgvba pybfrf. Orjner.

+ Vgrz vf n erqhaqnag freire
G Vgrz cbvagf gb n grkg-onfrq ga3270 frffvba.
t Vgrz vf n TVS sbezng tencuvpf svyr.
V Vgrz vf fbzr xvaq bs vzntr svyr. Pyvrag qrpvqrf ubj gb qvfcynl.
Punenpgref '0' guebhtu 'M' ner erfreirq. Ybpny rkcrevzragf fubhyq hfr bgure punenpgref. Znpuvar-fcrpvsvp rkgrafvbaf ner abg rapbhentrq. Abgr gung sbe glcr 5 be glcr 9 gur pyvrag zhfg or cercnerq gb ernq hagvy gur pbaarpgvba pybfrf. Gurer jvyy or ab crevbq ng gur raq bs gur svyr; gur pbagragf bs gurfr svyrf ner ovanel naq gur pyvrag zhfg qrpvqr jung gb qb jvgu gurz onfrq creuncf ba gur .kkk rkgrafvba.

3.9 Hfre qvfcynl fgevatf naq freire fryrpgbe fgevatf
Hfre qvfcynl fgevatf ner vagraqrq gb or qvfcynlrq ba n yvar ba n glcvpny fperra sbe n hfre'f ivrjvat cyrnfher. Juvyr znal fperraf pna nppbzzbqngr 80 punenpgre yvarf, fbzr fcnpr vf arrqrq gb qvfcynl n gnt bs fbzr fbeg gb gryy gur hfre jung fbeg bs vgrz guvf vf. Orpnhfr bs guvf, gur hfre qvfcynl fgevat fubhyq or xrcg haqre 70 punenpgref va yratgu. Pyvragf znl gehapngr gb n yratgu pbairavrag gb gurz.

4 Fvzcyvpvgl vf vagragvbany
Nf sne nf cbffvoyr jr qrfver nal arj srngherf gb or pneevrq nf arj cebgbpbyf gung jvyy or uvqqra oruvaq arj qbphzrag-glcrf. Gur vagrearg Tbcure cuvybfbcul vf:

(n) Vagryyvtrapr vf uryq ol gur freire. Pyvragf unir gur bcgvba bs orvat noyr gb npprff arj qbphzrag glcrf (qvssrerag, bgure glcrf bs freiref) ol fvzcyl erpbtavmvat gur qbphzrag-glcr punenpgre. Shegure vagryyvtrapr gb or obear ol gur cebgbpby fubhyq or zvavzvmrq.

(o) Gur jryy-grzcrerq freire bhtug gb fraq "grkg" (hayrff n svyr zhfg or genafsreerq nf enj ovanel). Fubhyq guvf grkg vapyhqr gnof, sbezsrrqf, sehseh? Cebonoyl abg, ohg ehqr freiref jvyy cebonoyl fraq gurz naljnl. Choyvfuref bs qbphzragf fubhyq or tvira fvzcyr gbbyf (svynfbanoyr jvgu shaal punenpgref erprvirq va grkg; svygre gurz bhg, yrnir gurz va, jungrire.

Cntr 12

Cnhy'f ADOAS (Abg Dhvgr OAS) sbe gur Tbcure Cebgbpby.

Abgr: Guvf vf zbqvsvrq OAS (nf hfrq ol gur Cnfpny crbcyr) jvgu n srj Ratyvfu zbqvsvref guebja va. Fghss rapybfrq va '{}' pna or ercrngrq mreb be zber gvzrf. Fghss va '[]' qrabgrf n frg bs vgrzf. Gur '-' bcrengbe qrabgrf frg fhogenpgvba.

Qverpgbel Ragvgl

PE-YS ::= NFPVV Pneevntr Erghea Punenpgre sbyybjrq ol Yvar Srrq

Gno ::= NFPVV Gno punenpgre.

AHY ::= NFPVV AHY punenpgre.


Ynfgyvar ::= '.'PE-YS.

GrkgOybpx ::= Oybpx bs NFPVV grkg abg pbagnvavat Ynfgyvar cnggrea.

Glcr ::= HANFPVV.

ErqGlcr ::= '+'.

Hfre_Anzr ::= {HANFPVV}.

Fryrpgbe ::= {HANFPVV}.

Ubfg ::= {{HANFPVV - ['.']} '.'} {HANFPVV - ['.']}.

Abgr: Guvf vf n Shyyl Dhnyvsvrq Qbznva Anzr nf qrsvarq va ESP 1034.
(r.t., tbcure.zvpeb.hza.rqh) Ubfgf gung unir n PE-YS
GNO be AHY va gurve anzr trg jung gurl qrfreir.

Qvtvg ::= '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9' .

QvtvgFrd ::= qvtvg {qvtvg}.

Cbeg ::= QvtvgFrd.

Abgr: Cbeg pbeerfcbaqf gur gur GPC Cbeg Ahzore, vgf inyhr fubhyq
or va gur enatr [0..65535]; cbeg 70 vf bssvpvnyyl nffvtarq gb tbcure.

Cntr 13

QveRagvgl ::= Glcr Hfre_Anzr Gno Fryrpgbe Gno Ubfg Gno Cbeg PE-YS
{ErqGlcr Hfre_Anzr Gno Fryrpgbe Gno Ubfg Gno Cbeg PE-YS}

Vg vf *uvtuyl* erpbzzraqrq gung gur Hfre_Anzr svryq pbagnva bayl cevagnoyr punenpgref, fvapr znal qvssrerag pyvragf jvyy or hfvat vg. Ubjrire vs rvtug ovg punenpgref ner hfrq, gur punenpgref fubhyq pbasbez jvgu gur VFB Yngva1 Punenpgre Frg. Gur yratgu bs gur Hfre qvfcynlnoyr yvar fubhyq or yrff guna 70 Punenpgref; ybatre yvarf znl abg svg npebff fbzr fperraf.

Gur Fryrpgbe fgevat fubhyq or ab ybatre guna 255 punenpgref.

Zrah Ragvgl

Zrah ::= {QveRagvgl} Ynfgyvar.

Zrah Genafnpgvba (Glcr 1 vgrz)

P: Bcraf Pbaarpgvba
F: Npprcgf Pbaarpgvba
P: Fraqf Fryrpgbe Fgevat
F: Fraqf Zrah Ragvgl
Pbaarpgvba vf pybfrq ol rvgure pyvrag be freire (glcvpnyyl freire).

Grkgsvyr Ragvgl

GrkgSvyr ::= {GrkgOybpx} Ynfgyvar

Abgr: Yvarf ortvaavat jvgu crevbqf zhfg or cercraqrq jvgu na rkgen
crevbq gb rafher gung gur genafzvffvba vf abg grezvangrq rneyl. Gur pyvrag fubhyq fgevc rkgen crevbqf ng gur ortvaavat bs gur yvar.

GrkgSvyr Genafnpgvba (Glcr 0 vgrz)

P: Bcraf Pbaarpgvba.
F: Npprcgf pbaarpgvba
P: Fraqf Fryrpgbe Fgevat.
F: Fraqf GrkgSvyr Ragvgl.

Cntr 14
Pbaarpgvba vf pybfrq ol rvgure pyvrag be freire (glcvpnyreq freiref.

Shyy-Grkg Frnepu Genafnpgvba (Glcr 7 vgrz)

Jbeq ::= {HANFPVV - ' '}
ObbyBc ::= 'naq' | 'be' | 'abg' | FCNPR
FrnepuFge ::= Jbeq {{FCNPR ObbyBc} FCNPR Jbeq}

P: Bcraf Pbaarpgvba.
P: Fraqf Fryrpgbe Fgevat, Gno, Frnepu Fgevat.
F: Fraqf Zrah Ragvgl.

Abgr: Va nofrapr bs 'naq', 'be', be 'abg' bcrengbef, n FCNPR vf
ertneqrq nf na vzcyvrq 'naq' bcrengbe. Rkcerffvba vf rinyhngrq yrsg gb evtug. Shegure, abg nyy frnepu ratvarf be frnepu tngrjnlf pheeragyl vzcyrzragrq unir gur obbyrna bcrengbef vzcyrzragrq.

Ovanel svyr Genafnpgvba (Glcr 9 be 5 vgrz)

P: Bcraf Pbaarpgvba.
F: Npprcgf pbaarpgvba
P: Fraqf Fryrpgbe Fgevat.
F: Fraqf n ovanel svyr naq pybfrf pbaarpgvba jura qbar.

Flagnpgvp Zrnavat sbe Qverpgbel Ragvgvrf

Gur pyvrag fubhyq vagrecerg gur glcr svryq nf sbyybjf:

0 Gur vgrz vf n GrkgSvyr Ragvgl.
Pyvrag fubhyq hfr n GrkgSvyr Genafnpgvba.

1 Gur vgrz vf n Zrah Ragvgl.
Pyvrag fubhyq hfr n Zrah Genafnpgvba.

2 Gur vasbezngvba nccyvrf gb n PFB cubar obbx ragvgl.
Pyvrag fubhyq gnyx PFB cebgbpby.

3 Fvtanyf na reebe pbaqvgvba.

4 Vgrz vf n Znpvagbfu svyr rapbqrq va OVAURK sbezng

Cntr 15

5 Vgrz vf CP-QBF ovanel svyr bs fbzr fbeg. Pyvrag trgf gb qrpvqr.

6 Vgrz vf n hhrapbqrq svyr.

7 Gur vasbezngvba nccyvrf gb n Vaqrk Freire.
Pyvrag fubhyq hfr n ShyyGrkg Frnepu genafnpgvba.

8 Gur vasbezngvba nccyvrf gb n Gryarg frffvba.
Pbaarpg gb tvira ubfg ng tvira cbeg. Gur anzr gb ybtva nf ng guvf ubfg vf va gur fryrpgbe fgevat.

9 Vgrz vf n ovanel svyr. Pyvrag zhfg qrpvqr jung gb qb jvgu vg.

+ Gur vasbezngvba nccyvrf gb n qhcyvpngrq freire. Gur vasbezngvba
pbagnvarq jvguva vf n qhcyvpngr bs gur cevznel freire. Gur cevznel
freire vf qrsvarq nf gur ynfg QveRagvgl gung vf unf n aba-cyhf
"Glcr" svryq. Gur pyvrag fubhyq hfr gur genafnpgvba nf qrsvarq ol
gur cevznel freire Glcr svryq.

t Vgrz vf n TVS tencuvp svyr.

V Vgrz vf fbzr xvaq bs vzntr svyr. Pyvrag trgf gb qrpvqr.

G Gur vasbezngvba nccyvrf gb n ga3270 onfrq gryarg frffvba.
Pbaarpg gb tvira ubfg ng tvira cbeg. Gur anzr gb ybtva nf ng guvf ubfg vf va gur fryrpgbe fgevat.

Frphevgl Pbafvqrengvbaf
Frphevgl vffhrf

Sadlly... (2)

C0vardeAn0nim0 (232451) | more than 12 years ago | (#3645030) is temporarily out of busines or it'll be a good time for an "arcticle" in the lines of "no IE security flaws found this week".

now seriously, this is getting anoying. since I started to rely on mozilla only (or since I ditched netscape 4.x for good) some 6 months ago I saw only ONE serious security flaw reported on it and it was corected in a week or so. but with IE we have at least 2 anoucements a month. this is getting so frequent I'm here asking /. to only publish news about IE when the head line is someting in the lines of the's style headline above. It'd save a lot in terms of my patience and bandwidht.

Slipping off the treadmill (2)

babbage (61057) | more than 12 years ago | (#3645033)

The last gopher server I used to visit regularly shut down something like three years ago. As far as I know -- no, I haven't checked -- there are no active gopher servers anymore.

And Microsoft is just getting around to hunting down security holes *now*? What does this say about more current protocols?

I predict that by 2005, they'll start looking for holes in SOAP )

Internet Sieve (1)

lionchild (581331) | more than 12 years ago | (#3645035)

At what point do we shift the name of a product like this from Explorer to Sieve? How many previous 'security holes' have there been?

MS is starting to look more and more like the little boy whose plugging the leaks in the dike with their fingers.

CaddyShack (2)

tswinzig (210999) | more than 12 years ago | (#3645043)

Sandy: "I want you to kill all the gophers on this course."

Spackler: "Check me if I'm wrong Sandy, but if I kill all the golfers, they'll lock me up and throw away the key."

Sandy: "The GOPHERS, man! Kill all the GOPHERS!"

New Product: Microsoft Door (2, Funny)

Ghengis (73865) | more than 12 years ago | (#3645047)

Keep the burglars out of your house with the new Microsoft Door. Complete with not dead-bolts, but tape, yes TAPE to keep it locked. Also, we've reached an all new level of user friendliness with the omission of door-knobs!!!

When was the last time... (2)

istartedi (132515) | more than 12 years ago | (#3645053)

...anybody clicked on a gopher link?

If there isn't a patch yet, or if MSFT says you gotta have IE6 or something, easiest thing to do is just block gopher. What is the gopher port anyway?

yet another reason... (1)

tps12 (105590) | more than 12 years ago | (#3645054) "root" for Linux!


Official Bugtraq Post (5, Informative)

PunchMonkey (261983) | more than 12 years ago | (#3645055)

The Official Bugtraq Post:


Gopher is a protocol developed at the University of Minnesota in the
early 1990's. Gopher servers offer hierarchically organized directories
and files. These form a "gopherspace" which can be thought of as the
predecessor of the World Wide Web. Gopher was mostly abandoned soon after
HTTP and the World Wide Web started gaining popularity.

Microsoft Internet Explorer has a built-in gopher client. Gopher pages can
be accessed via URLs starting with "gopher://". The part of code in IE
which parses gopher replies contains an exploitable buffer overflow
bug. A malicious server may be used to run arbitrary code on an IE user's


When the overflow is triggered, a fixed sized buffer in stack gets
overwritten with data from the gopher server. This data can contain most
octets from 0 to 255 (also nulls) which makes it particularly easy to
inject a working shellcode in it. This is a traditional, trivially
exploitable buffer overflow. A test exploit has been successfully used to
run arbitrary code without user intervention with various IE versions and
systems including IE 5.5 and 6.0.

The attack can be launched via a web page or an HTML mail message which
redirect the user to a malicious gopher server when the victim views them.
The server can be very minimal, ie. a program that can listen on a TCP
port and write a block of data; a fully operational gopher server isn't
necessary in order to carry out the attack.

The exploiter could do anything that a regular user could do on the
system: retrieve, install, or remove files, upload and run programs, etc.

Full technical details aren't disclosed at this time to prevent


Internet Explorer users can protect themselves from the flaw by disabling
the gopher protocol. Barely any gopher servers exist on the Internet
today, so this is unlikely to cause problems. If needed, a gopher client
or some other web browser can be used to access the gopherspace.

An easy way to disable processing and displaying gopher pages is to define
a non-functional gopher proxy in Internet Options. Select Tools ->
Internet options -> Connections. Click on "LAN settings". Check "Use a
proxy server for your LAN". Click on "Advanced...". Here you can define
proxy servers to be used with different protocols. Go to the Gopher text
field and enter "localhost", and "1" in the port text field. This will
stop Internet Explorer from fetching any gopher documents.

After installing the patch from Microsoft you can remove these gopher
proxy settings (or restore them to values they had before).

For more information and a vulnerability test see


Microsoft was contacted on May 20th. At the moment of writing this
advisory, Microsoft has started designing and coding a fix, but hasn't
given any approximation of when it would be released. The patch will be
available at asp

when it is completed.

URL for technical info on the hole (1)

Knytefall (7348) | more than 12 years ago | (#3645060)

This site [] contains technical info on the hole. It's a buffer overflow.

Workaround (2)

DeadSea (69598) | more than 12 years ago | (#3645065)

Is there a workaround for this? Probably not. I don't think any of the major browsers have a way to selecivly disable browser features. It would be nice if you could disable gopher: hyperlinks until this got fixed.

A nice browser feature would be a regular expression based prefilter of web pages. If a file called prefilter.rules exists, the browser would run the raw html of each pages it downloaded through the filter. This would allow admins to make the browser safe again (with some lost functionality) until the browser was patched.

In this case you might want to use a rule something like:
s/(gofer\:[^'" \n\r\t]*)/about:blocked.html?$1/

I should see if this is a requested feature for mozilla yet. With browsers knowing about regexp for javascript this probably wouldn't be too hard to implement. Plus once it was implemented, you could use it for blocking ads and other annoyances.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>