Date: Sun, 20 Jan 2013 14:01:15 +0100
From: "Stefan Kanthak" <stefan.kanthak@...go.de>
To: <bugtraq@...urityfocus.com>,
	<full-disclosure@...ts.grok.org.uk>
Cc: bugzilla-daemon@...illa.org
Subject: Mozilla Firefox and Microsoft Internet Explorer
	stall when using workaround from MS06-020 or MS06-069

Hi @ll,

the Microsoft security bulletins
<http://technet.microsoft.com/en-us/security/bulletin/ms06-020>
<http://technet.microsoft.com/en-us/security/bulletin/ms06-069>
show the following workaround to disable Macromedia Flash Player
with software restriction policies a.k.a. SAFER:

--- MS06-069.REG ---
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"TransparentEnabled"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]
"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01
"Description"="Block Macromedia Flash"
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,77,69,6e,64,69,72,25,2f,73,79,73,74,65,6d,33,32,2f,6d,61,63,72,6f,6d,65,64,2f,66,6c,61,73,68,2f,2a,00

--- EOF ---

When this (or an equivalent) SAFER rule to block flash player
is set AND the flash player plugin/activex control is installed
and enabled in Mozilla Firefox or Microsoft Internet Explorer,
then both browsers stall or slow to a crawl as soon as a web page
which uses the flash player plugin/activex control is loaded.

Apparently both web browsers handle the return code(s) from the
denied loading of the flash player plugin/activex control wrong!

Tested with MSIE6 to MSIE9 on Windows XP to Windows 7,
and Mozilla Firefox 1x.x on Windows XP and Windows 7.

Stefan Kanthak

PS: Opera doesn't show this error!
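
The `ItemData` and `LastModified` values in the .REG file quoted above are hex-encoded, so what the rule blocks cannot be read off directly. The following Python sketch is an added example, not part of the original post: it parses the REGEDIT4 text and decodes each SAFER path rule. The function names are hypothetical, and it assumes `hex(2)` data is single-byte ANSI text, as REGEDIT4 files store it.

```python
import re
from datetime import datetime, timedelta, timezone

# Sample input: the .REG content quoted in the message, embedded verbatim.
REG_TEXT = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"TransparentEnabled"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{2742f840-c2d8-4eb3-a486-0a9d0879f29f}]
"LastModified"=hex(b):10,c3,8a,19,c6,e3,c5,01
"Description"="Block Macromedia Flash"
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,77,69,6e,64,69,72,25,2f,73,79,73,74,65,6d,33,32,2f,6d,61,63,72,6f,6d,65,64,2f,66,6c,61,73,68,2f,2a,00
"""

LEVELS = {0: "Disallowed", 262144: "Unrestricted"}  # SAFER level IDs (decimal subkey names)
RULE_KEY = re.compile(r"\\CodeIdentifiers\\(\d+)\\Paths\\(\{[0-9a-fA-F-]+\})$")

def decode_value(raw):
    """Decode one REGEDIT4 value: quoted string, dword, hex(2) or hex(b)."""
    if raw.startswith('"'):
        return raw[1:-1]
    kind, _, data = raw.partition(":")
    if kind == "dword":
        return int(data, 16)
    blob = bytes(int(b, 16) for b in data.split(","))
    if kind == "hex(2)":  # REG_EXPAND_SZ; assumed ANSI bytes, NUL-terminated
        return blob.rstrip(b"\x00").decode("latin-1")
    if kind == "hex(b)":  # REG_QWORD, little-endian
        return int.from_bytes(blob, "little")
    return blob

def parse_path_rules(text):
    """Return one dict per SAFER path rule found in the REGEDIT4 text."""
    rules, current = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            m = RULE_KEY.search(line[1:-1])
            current = {"guid": m.group(2), "level": LEVELS.get(int(m.group(1)), m.group(1))} if m else None
            if current is not None:
                rules.append(current)
        elif current is not None and "=" in line:
            name, _, raw = line.partition("=")
            current[name.strip('"')] = decode_value(raw)
    return rules

def filetime_to_utc(ft):  # FILETIME: 100 ns ticks since 1601-01-01 UTC
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=ft // 10)
```

Running `parse_path_rules(REG_TEXT)` yields a single rule at the Disallowed level whose `ItemData` decodes to `%windir%/system32/macromed/flash/*`.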
