Full Disclosure mailing list archives
Re: Apple Safari ... DoS Vulnerability
From: bobby.mugabe () hushmail com
Date: Tue, 03 Mar 2009 18:33:21 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mr. Starks, Please remind us what you're talking about. - -bm On Tue, 03 Mar 2009 18:31:05 -0500 Jason Starks <jstarks440 () gmail com> wrote:
Did Safari have a bug or something... On Tue, Mar 3, 2009 at 6:21 PM, Valdis' Mustache < security.mustache () gmail com> wrote:Mr. Snarks, If you can't tell the difference between the Zimbabweanpresident andwhat's under my esteemed owner's nose I suggest you consult RFC2821for guidance. I am NOT amused. Your humble servant, V knír z Valdis On Tue, Mar 3, 2009 at 6:01 PM, Jason Starks<jstarks440 () gmail com> wrote:Right..On Tue, Mar 3, 2009 at 5:45 PM, <bobby.mugabe () hushmail com>wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mr. Stark,There. On Tue, Mar 3, 2009 at 5:56 PM, <bobby.mugabe () hushmail com>wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Where? - -bm On Tue, 03 Mar 2009 17:54:51 -0500 Jason Starks <jstarks440 () gmail com> wrote:Mr. Mustache, There is a missing "s" on the end of my last name. Yours truly, Jason "Bench Press" Starks On Tue, Mar 3, 2009 at 5:45 PM, <bobby.mugabe () hushmail com>wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mr. Stark, Adhering to the tradition of my fathers, I do not sportanyfacialhair and take offense to your comment, and since you'reobviouslylacking basic observational skills I highly doubt you'reeven astalented as my Cadburys, at anything. - -bm On Tue, 03 Mar 2009 11:11:35 -0500 Jason Starks <jstarks440 () gmail com> wrote:Mr. Mustache, it is obvious that I have more talent thana boxofchocolates, and that you envy the sadistic nature of yourfellowtrolls on this list. Point blank. On Tue, Mar 3, 2009 at 6:18 AM,<bobby.mugabe () hushmail com>wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Valdis, I have been able to reproduce a similar situation usingFirefoxunder MacOSX, using different websites and asignificantlylargernumber of tabs. Do you think these issues might berelatedorarethey operating system specific? What model of CPU wereyoutestingthis issue under? Thanks, - -bm On Mon, 02 Mar 2009 23:41:53 -0500 Valdis' Mustache <security.mustache () gmail com> wrote:I would like to point out that I have been able tocreate a"hung"state in the Firefox browser by opening 30simultaneous tabspointed at http://www.welcometointernet.org/lawnmower/ andadding a31sttab viewing http://www.hotrussianbrides.com. Also, I am not amused. Your humble servant, Ze Mustache von Kletnieks On Mon, Mar 2, 2009 at 10:29 PM,<bobby.mugabe () hushmail com>wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Nick, You and Thierry Loller are wrong. - -bm On Mon, 02 Mar 2009 21:28:17 -0500 Nick FitzGerald<nick@virus-l.demon.co.uk> wrote:Chris Evans to Thierry Zoller:Example If a chrome tab can be crashed arbritarely(remotely)itisaDoS attackbut with ridiculy low impact to the end-user asitonlycrashes the tabit was subjected to, and not the whole browseroroperationsystem.But the fact remains that this was the impact ofa DoScondition,the tab crashes arbritarily.Eh? If you visit www.evil.com and your tabcrashes,that'snodifferent from www.evil.com closing its own tabwithJavascript.But what if www.evil.com has run an injection attackofsomekind(SQL, XSS in blog comments, etc, etc) againstwww.stupid.com?Visitors to stupid.com then suffer a DoS... Yes, stupid.com should run their site better, fixtheirmyriadXSSholes, etc, etc. But this is the Internet, so this "software flaw"can beleveragedas security vulnerability. I'm with Thierry on this... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia -http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmso8YACgkQhNp8gzZx3sj93AP/a+oFmgLbU2Elo0livpG3c6Qvh8+0b69LocD4LJmaR3NR4H7AHZYJiqm1TegwdTvtgY4sZd0lXi5EKZYTJMl9tj2Pd53fxXFm7eK5yf6oRGggrdOLyDjRkMV3bVnOppwXviMHdk8quxx8sDRxA99ZlKKUA40RXFa5eAhpUpXIZ1s= =zgqd -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at yourownpace.http://tagline.hushmail.com/fc/BLSrjkqfMmg6RbMKs4GE43pzNkcKJRWafc7cDXj4iASDyccuLtQA2i9f1le/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia -http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmtEaMACgkQhNp8gzZx3shZFwQAjiE2W/WUkNHrLIu1lBRz6oeDVrknTmV8TCcaDpsvkRmhNrKFXYObPEatdJ0po7Iul333mllga8+elMukkH15J7BwUZdGlNA5wpE6zNx8ks6L9qS9UxklE8BErdTfUY/OF5FK4aZ92JcngL1xFTkZlDJS0lvIKGry3vjuP7xAvvQ= =avqi -----END PGP SIGNATURE----- -- Click to find great rates on health insurance, savebig, shophere.http://tagline.hushmail.com/fc/BLSrjkqeRcNd9NCXSJiZxV7gq821SXvgq2GWai39WLJo4QlOxYCnjxaqn9u/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmtsnoACgkQhNp8gzZx3sgiJwQAnL87haXBbGW80ORA4Ufa7Leh0JSgXyPSdH32tRZUA+dJaRhoaWJt6HqaKAEltZgsqkrwsA6pTgIIx/IKYdRATBqsrdaBwrFMkKhLez2kSeOcODLg1OOpGZ4EwQgZws/Qh1sMQOYjCpBF1W2/q+wvwV8Y8xn4V2MdK4CLXTUWWLI= =FOnb -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your ownpace.http://tagline.hushmail.com/fc/BLSrjkqfMmd367qFNEy5ii9ij3bU6df9tEPVYBzpFXa7E7s6QHH4MsdQbb6/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmttPMACgkQhNp8gzZx3sjzEwP+LKS6V4qJiWSZckzKh/oS5VSCWKZ 61bV6uhWvfZKflCc19WDP0qvX/39nXQnciHu77C5t2rc1Sz8puZ4uqW9jvc1vSLB6Ixh kf9kJc/Xqy3jz2QgQn7ljkTlfLhiylI1Y4DSnl/VH7gQfMFLCzFaPY7MkX596quYacZu 3eJKIjEU= =MEss -----END PGP SIGNATURE----- -- Thinking of a life with religion? Click here to find areligious schoolnear you.http://tagline.hushmail.com/fc/BLSrjkqkOt23N64MfCBCDe7Ocvf3t1DcVFSD ppHSTZUDCQJQcaRhPY88GLe/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkmtvaIACgkQhNp8gzZx3shw0gQApVAssgnlbEdbJuSI9LTuB2QxlTdi w+XwGGqXs/UVV0+I7amQy7IpvYwEsVASgocRB0ajYUcWxvFFlA8wDa8+NO1GtI9T7Ufz TXILSI6/vs4zEi3P72FBXlHt0E8+DoDRyPaydeHRndK3RoQJtCNqhRPilt3KKf6KFfNA DSHVeME= =2AOL -----END PGP SIGNATURE----- -- Hate your job? Click here to start a rewarding career in Human Resources. http://tagline.hushmail.com/fc/BLSrjkqZyLjMaoo9Gx63xeRF8bFe7nk5XBng9tD7ERdeae30AhVBohJ2D4k/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Apple Safari ... DoS Vulnerability, (continued)
- Re: Apple Safari ... DoS Vulnerability Jim Parkhurst (Mar 03)
- Re: Apple Safari ... DoS Vulnerability M.B.Jr. (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Biz Marqee (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 04)