Bugtraq mailing list archives
Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers
From: "Vladimir '3APA3A' Dubrovin" <3APA3A () SECURITY NNOV RU>
Date: Sat, 29 May 2010 00:35:05 +0400
Dear John Smith, In general case we are discussing, DoS may be caused by e.g. some combination of allowed tags/properties or by malformed image. As it was pointed by author, this attack may be performed with scripting disabled (with [iframe src=]). That's why e-mail vector may be significant. --Friday, May 28, 2010, 11:55:28 PM, you wrote to 3APA3A () SECURITY NNOV RU: JS> Point taken. But that'd be a non-issue on the browser's end as much as JS> site's that is allowing the rogue scripts (or malformed ads, as per your JS> example). JS> The fork of this mail thread clearly explains what I'm talking about. The JS> issue noted there is a simple DoS attack which every programming language JS> and platform is vulnerable too. Its called the "infinite loop". It is not a JS> 'security vulnerability' by itself and is completely agnostic of the uri JS> handler (try http or anything instead of nntp). JS> Here's the simplified JS version of it (lets call it the Universal DoS -- JS> yes, it'd work for every browser on the planet that can execute JS) - JS> <script> JS> while(1)alert('hello world'); JS> </script> JS> Done! JS> Workaround: JS> None very intuitive. Maybe allow the user to terminate the script at every JS> iteration? specific time period? etc... JS> -------------------------------------------------- JS> From: "Vladimir '3APA3A' Dubrovin" <3APA3A () SECURITY NNOV RU> JS> Sent: Friday, May 28, 2010 11:47 PM JS> To: "John Smith" <at-x () live com> JS> Cc: "MustLive" <mustlive () websecurity com ua>; "Susan Bradley" JS> <sbradcpa () pacbell net>; <bugtraq () securityfocus com> JS> Subject: Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, JS> Opera and other browsers
Dear John Smith, Actually, browser DoS may be quite serious vulnerability, depending on nature of DoS. Think about e.g. banner or content exchange network, social networks, web boards, etc where browser vulnerability may be used against site or page because it will harm any visitors of this site or page. In case of this very vulnerability, most serious impact may be from e-mail vector. --Friday, May 28, 2010, 7:07:50 PM, you wrote to mustlive () websecurity com ua: JS> Just a few cents - DoS in webbrowsers doesn't fall under the category of JS> "vulnerabilities" rather more of "annoyances". Although I don't deny the JS> fact that certain DoS attacks *may lead* or *may serve as hints* to other JS> more serious exploits, but that's a different topic and with ASLR in the JS> scene, a very grey area of discussion. -- Skype: Vladimir.Dubrovin ~/ZARAZA http://securityvulns.com/ Стреляя во второй раз, он искалечил постороннего. Посторонним был я. (Твен)
-- Skype: Vladimir.Dubrovin ~/ZARAZA http://securityvulns.com/ Машина оказалась способной к единственному действию, а именно умножению 2x2, да и то при этом ошибаясь. (Лем)
Current thread:
- DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 18)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 18)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 20)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 20)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 28)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)
- Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 28)
- Re: Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)
- Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 31)
- Re: Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 31)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 20)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 18)