[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.63.0604250921120.23588@secpro.servermatrix.com>
Date: Tue, 25 Apr 2006 09:22:58 -0700 (PDT)
From: Tom Ferris <tommy@...urity-protocols.com>
To: Colin Keigher <colinkeigher@...us.net>
Cc: security@...shdot.ch, bugtraq@...urityfocus.com
Subject: Re: Apple Mac OS X Safari 2.0.3 Vulnerability
Just tested on the following:
OS X 10.4.6 PPC with Safari 2.0.3 (417.9.2)
Completely locked up my machine.. ;)
Tom Ferris
Researcher
www.security-protocols.com
Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78
On Mon, 24 Apr 2006, Colin Keigher wrote:
> It seems to affect older versions also.
>
> Tested on:
> iBook G4 with Mac OS X 10.3.9 (Build 7W98) + all updates from Apple
>
> Version affected:
> Safari 1.3.1 (312.3.1) under 10.3.9
>
> Colin Keigher
> colinkeigherREMOVEFORAFREEPRIZEtelus.net
>
> On 24-Apr-06, at 11:00 AM, " " <security@...shdot.ch> <security@...shdot.ch>
> wrote:
>
>>
>>
>> Apple Mac OS X Safari 2.0.3 Vulnerability
>> =========================================
>>
>> Release Date:
>> April 23th, 2006
>>
>> Vendor:
>> Apple Computer Inc.
>>
>> Tested on:
>> iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14) + all Updates from Apple
>> except "10.4.6 Update"
>> iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from
>> Apple
>> PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates
>> from Apple
>> iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
>>
>> Versions affected:
>> Safari 2.0.3 (417.9.2) latest version under 10.4.5 (Build 8H14) and perhaps
>> prior versions
>> Safari 2.0.3 (417.9.2) latest version under 10.4.6 (Build 8I127) and
>> perhaps prior versions
>>
>> Overview:
>> A vulnerabilitiy exists in Safari 2.0.3 (417.9.2) and perhaps in prior
>> versions which causes the operating system to slow down SRCOD (Spinning
>> Rainbow Cursor Of Death), and therefore, it's not possible to launch any
>> applications like Terminal to kill the process. After several minutes
>> Safari crashes.
>>
>> Technical Details:
>> Create a new File with following code ...
>>
>> <HTML>
>> <TABLE>
>> <TR><TD ROWSPAN=2000000000>
>>
>> .. then save it as a .html file (example.html) now open it in Safari. The
>> application takes a lot of CPU and RAM slowing down the operating system
>> SRCOD (Spinning Rainbow Cursor Of Death), and it is no longer possible to
>> use OSX even "apple" + "ALT" + "ESC" is working very slow!
>> Go around and pull the power cable out or press the startbutton for a while
>> to shut down the computer.
>>
>> For an expample klick at the link with Safari (WARNING: That crashes Safari
>> after several minutes an first the SRCOD (Spinning Rainbow Cursor Of Death)
>> is there for all the time!)
>> http://www.yanux.ch/exploits/safari/example.html
>>
>> Report:
>> iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
>> http://www.yanux.ch/exploits/safari/bugreport_imac_g4.txt
>>
>> Vendor Status:
>> Apple has notified of this issues on 04/23/2006
>>
>> Solution:
>> Currently no patches have been released for this vulnerability.
>>
>> Discovered by:
>> Yannick von Arx
>> yannick[dot]vonarx[at]yanux[dot]ch
>>
>> ____________________________
>>
>> e-mail:yannick.vonarx@...ux.ch
>> web: www.yanux.ch
>>
>>
>>
>> ------
>> freemails.ch - Free Swiss E-Mails
>>
>> Webhosting nach Mass bereits ab CHF 5.50: www.hostplace.ch
>>
>>
>
Powered by blists - more mailing lists