Gmail/Gtalk web client DoS
Summary
It is trivial to freeze the browser of a known user who is currently using
Gmail with the Gtalk feature enabled. This could lead to a denial of service
attack against any user of Gmail who is using the web client.
Technical Details
Gtalk within Gmail converts some incoming emoticons into animated gifs.
Sending a large quantity at once will cause the recipient's browser to lock up
until the message is fully converted. With relatively few (100) emoticons, you
can freeze a browser for a few minutes. Larger quantities, or multiple
messages could extend this time indefinitely. If the Gmail web client is used
to send the message, the sender's browser will also lock up.
The standalone Google Talk client for Windows does not suffer from this
problem, and is the easiest way to send the messages to a target. In theory,
any properly configured Jabber client could be used. Conceivably, modified
Jabber clients could be configured to run a widespread DoS attack against
active Gmail users at a low cost to the attacker, since the message size is
small and requires little bandwidth.
Known Affected Browsers:
Firefox 1.5.0.3
Internet Explorer 6.0
Internet Explorer 7.0 Beta 2
Seamonkey 1.0
Known Unaffected Browsers:
Safari 1.3.2
Any browser in which the Gtalk client does not run will be unaffected.
Workaround
Disabling the Gtalk feature while using Gmail will protect a user, at the cost
of the ability to chat.
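A client-side fix for the cause described under Technical Details is to put a budget on how many emoticons one message may turn into animated images and to leave the rest as text. The sketch below is an added example, not code from Gmail or from the original advisory; the emoticon table, the image paths and the MAX_ANIMATED value are assumptions.

```javascript
// Added example: bounded emoticon rendering for a web chat client.
// EMOTICONS, the /img/ paths and MAX_ANIMATED are hypothetical values.
const EMOTICONS = { ":)": "smile.gif", ":(": "frown.gif", ";)": "wink.gif" };
const MAX_ANIMATED = 20; // assumed per-message conversion budget

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Build one alternation regex from the table, escaping regex metacharacters.
const EMOTICON_RE = new RegExp(
  Object.keys(EMOTICONS)
    .map((e) => e.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"))
    .join("|"),
  "g"
);

// Convert at most `budget` emoticons to <img>; later ones stay plain text,
// so the rendering cost of a message is bounded regardless of its content.
function renderMessage(text, budget = MAX_ANIMATED) {
  let converted = 0;
  let out = "";
  let last = 0;
  for (const m of text.matchAll(EMOTICON_RE)) {
    out += escapeHtml(text.slice(last, m.index));
    if (converted < budget) {
      out += `<img src="/img/${EMOTICONS[m[0]]}" alt="${escapeHtml(m[0])}">`;
      converted++;
    } else {
      out += escapeHtml(m[0]); // over budget: leave the emoticon as text
    }
    last = m.index + m[0].length;
  }
  out += escapeHtml(text.slice(last));
  return { html: out, converted };
}

// Constructed sample: a message holding 100 emoticons, as in the advisory.
const sample = ":) ".repeat(100);
console.log(renderMessage(sample).converted); // conversions actually performed
```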
Credits
Special thanks to Kevin Fleming for help researching this issue.