<<< Date Index >>>     <<< Thread Index >>>

Re: Firefox 1.5.0.3 - DoS



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

p4.werterxyz@xxxxxxxxx wrote:
> test2:
> http://werterxyz.altervista.org/test2.html
> http://geocities.com/werterxyz/test2.html

* Mozilla claims this is a security bug with normal severity.
https://bugzilla.mozilla.org/show_bug.cgi?id=334341

* Secunia classify this as a not critical security bybass.
http://secunia.com/advisories/19698/

* Some days ago yesn@xxxxxxxx claimed that this was a "code execution
exploit". (LOL)

* Now this guy claims this is a "Denial of Service". (ROTFL)


Maybe someone should explain this people which is the differences
between a security threat, an application bug, and an expected behaviour.

This is a DoS as the following.

I found a new denial of service vulnerability in Windows CMD.EXE that
affects all Windows versions that have the CMD.EXE executable.
The user must execute a new shell and write this text followed by the
Enter button:

for /l %i in (1,1,10000) do explorer.exe

- --
Flavio Visentin
GPG Key: http://www.zipman.it/gpgkey.asc

There are only 10 types of people in this world:
those who understand binary, and those who don't.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEYnKhusUmHkh1cnoRAiHcAJ0aA9n+kFBSuP3De6zdZBDTwBI+YgCeI3fb
n2QLWmC7JxAwEmR+lPWcLIU=
=I+Iu
-----END PGP SIGNATURE-----