| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200310120132.h9C1WR9U092774@grenada.globat.com> Date: Sat, 11 Oct 2003 21:32:29 -0400 From: "Joe" <mvp@...ware.net> To: <Full-Disclosure@...ts.netsys.com> Cc: <bugtraq@...urityfocus.com> Subject: RE: Local DoS in windows. Umm nope, not on my XP SP1 machine. I have about 15 windows running and avg 1% utilization. I do your little trick and there is no change. Though maybe it is because my machine is one of those really fast 900Mhz PIII's. Maybe the problem is you are running a hacked version of shell32.dll from http://www.geocities.com/visitbipin/ and he screwed it up. Thanks for playing. joe -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of bipin gautam Sent: Friday, October 10, 2003 1:18 PM To: Full-Disclosure@...ts.netsys.com Cc: bugtraq@...urityfocus.com --- [Affected] --- We have only tried it in windows Xp. --- [Bug Details] --- http://www.geocities.com/visitbipin/win_dos.jpg The image is self explanatory... --- [Description] --- When you click to "any" close, maximize or minimize button's in windows Xp, [No matter whether it's IE or a WordPad] surprisingly there is 100% CPU use at the instant and it continues............ until you release the button! Moreover, we've noticed if you continuously click the button for a long time [... not release it and hold ON ] we've seen gradual/slow rise in page-file use too...!!! --- [Conclusion] --- Hell... local DoS! That could be used by employees working at different terminal..... (O; --- [Background Information] --- This bug was originally discovered by hUNT3R,[myself] a member of 01 Security Submission. The vendor was notified via email. http://www.ysgnet.com/hn --- [I want a JOB/scholarship... anyone??? - hUNT3R] --- __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists