Re: Re: [Eleytt] 7LIPIEC2007

To: gynvael@xxxxxxxxxxx
Subject: Re: Re: [Eleytt] 7LIPIEC2007
From: Michał Melewski <mike@xxxxxxxxxxxxxxxxxx>
Date: Thu, 12 Jul 2007 11:55:13 +0200
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <20070710214647.7753.qmail@xxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20070710214647.7753.qmail@xxxxxxxxxxxxxxxxx>

Dnia 10-07-2007, wto o godzinie 21:46 +0000, gynvael@xxxxxxxxxxx
napisał(a):
> Michal Zalewski wrote:
> >> 1. Firefox 2.0.0.4 Remote Denial of Service Vulnerability
> >> http://sapheal.hack.pl/phun/ff2die/
> >This does not crash on me, and I can't see a likely mechanism of action
> >that would lead to a DoS condition. 
> 
> It did hang Firefox 2.0.0.4 (32 bit) at my place (Microsoft Vista, x64). The 
> browser did not respond, and had to be killed. Looks like DoS to me.
Yep, firefox stops to respond because this script opens 10000 new
windows. Following that way I can say, that i found DoS in Word, because
when I tried to open 10000 documents it also stopped to respond.


-- 
Michael "carstein" Melewski  |  "We have no future because our present  
carstein()7thguard.net       |  is too volatile. We have only risk 
mobile: 512 357 303          |  management. The spinning of the given 
JID: carstein()gentoo.pl     |  moment's scenarios. Pattern recognition.

References:
- Re: Re: [Eleytt] 7LIPIEC2007
  - From: gynvael

Prev by Date: MkPortal - Multiple SQL Injection Vulnerabilities
Next by Date: iDefense Security Advisory 07.12.07: Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability
Previous by thread: Re: Re: [Eleytt] 7LIPIEC2007
Next by thread: Re: [Eleytt] 7LIPIEC2007
Index(es):
- Date
- Thread