Message-ID: <3ca7b4870604251002q1e84f8e0wfc07e4cc95a6bce9@mail.gmail.com>
Date: Tue, 25 Apr 2006 13:02:32 -0400
From: "Billy Bues" <bwbues@...il.com>
To: "Tom Ferris" <tommy@...urity-protocols.com>
Cc: "Colin Keigher" <colinkeigher@...us.net>, security@...shdot.ch,
bugtraq@...urityfocus.com
Subject: Re: Apple Mac OS X Safari 2.0.3 Vulnerability

Locked machine up for 3 minutes, then Safari crashed and the machine recovered.
OSX 10.4.5 PPC Safari 2.0.3

On 4/25/06, Tom Ferris <tommy@...urity-protocols.com> wrote:
> Just tested on the following:
>
> OS X 10.4.6 PPC with Safari 2.0.3 (417.9.2)
>
> Completely locked up my machine.. ;)
>
> Tom Ferris
> Researcher
> www.security-protocols.com
> Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78
>
> On Mon, 24 Apr 2006, Colin Keigher wrote:
>
> > It seems to affect older versions also.
> >
> > Tested on:
> > iBook G4 with Mac OS X 10.3.9 (Build 7W98) + all updates from Apple
> >
> > Version affected:
> > Safari 1.3.1 (312.3.1) under 10.3.9
> >
> > Colin Keigher
> > colinkeigherREMOVEFORAFREEPRIZEtelus.net
> >
> > On 24-Apr-06, at 11:00 AM, <security@...shdot.ch> wrote:
> >
> >>
> >>
> >> Apple Mac OS X Safari 2.0.3 Vulnerability
> >> =========================================
> >>
> >> Release Date:
> >> April 23rd, 2006
> >>
> >> Vendor:
> >> Apple Computer Inc.
> >>
> >> Tested on:
> >> iBook G4 1.2 GHz with Mac OS X 10.4.5 (Build 8H14) + all Updates from Apple
> >> except "10.4.6 Update"
> >> iBook G4 1.33 GHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from
> >> Apple
> >> PowerMac G4 Dual 867 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates
> >> from Apple
> >> iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
> >>
> >> Versions affected:
> >> Safari 2.0.3 (417.9.2) latest version under 10.4.5 (Build 8H14) and perhaps
> >> prior versions
> >> Safari 2.0.3 (417.9.2) latest version under 10.4.6 (Build 8I127) and
> >> perhaps prior versions
> >>
> >> Overview:
> >> A vulnerability exists in Safari 2.0.3 (417.9.2) and perhaps in prior
> >> versions which causes the operating system to slow down SRCOD (Spinning
> >> Rainbow Cursor Of Death), and therefore, it's not possible to launch any
> >> applications like Terminal to kill the process. After several minutes
> >> Safari crashes.
> >>
> >> Technical Details:
> >> Create a new File with following code ...
> >>
> >> <HTML>
> >> <TABLE>
> >> <TR><TD ROWSPAN=2000000000>
> >>
> >> .. then save it as a .html file (example.html) now open it in Safari. The
> >> application takes a lot of CPU and RAM slowing down the operating system
> >> SRCOD (Spinning Rainbow Cursor Of Death), and it is no longer possible to
> >> use OSX even "apple" + "ALT" + "ESC" is working very slow!
> >> Go around and pull the power cable out or press the start button for a while
> >> to shut down the computer.
> >>
> >> For an example, click on the link with Safari (WARNING: That crashes Safari
> >> after several minutes and first the SRCOD (Spinning Rainbow Cursor Of Death)
> >> is there for all the time!)
> >> http://www.yanux.ch/exploits/safari/example.html
> >>
> >> Report:
> >> iMac G4 800 MHz with Mac OS X 10.4.6 (Build 8I127) + all Updates from Apple
> >> http://www.yanux.ch/exploits/safari/bugreport_imac_g4.txt
> >>
> >> Vendor Status:
> >> Apple has been notified of this issue on 04/23/2006
> >>
> >> Solution:
> >> Currently no patches have been released for this vulnerability.
> >>
> >> Discovered by:
> >> Yannick von Arx
> >> yannick[dot]vonarx[at]yanux[dot]ch
> >>
> >> ____________________________
> >>
> >> e-mail:yannick.vonarx@...ux.ch
> >> web: www.yanux.ch
> >>
> >>
> >>
> >>
> >>
> >
>
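
Added example, not part of the original thread or of any vendor fix: a Python check that a content filter or test harness could run over HTML to flag table cells whose span attributes exceed the bounds the current HTML Standard tells browsers to clamp to (rowspan 65534, colspan 1000). The names `SpanAuditor` and `audit_spans` are hypothetical, and the sample input is constructed from the markup quoted in the advisory.

```python
from html.parser import HTMLParser

# Clamp limits from the current HTML Standard (assumed here as the policy).
LIMITS = {"rowspan": 65534, "colspan": 1000}


class SpanAuditor(HTMLParser):
    """Collects <td>/<th> cells whose span attributes exceed LIMITS."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []  # (line, tag, attribute, raw digits, limit)

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names for us.
        if tag not in ("td", "th"):
            return
        line, _col = self.getpos()
        for name, raw in attrs:
            limit = LIMITS.get(name)
            if limit is None or raw is None:
                continue
            digits = raw.strip()
            if not (digits.isascii() and digits.isdigit()):
                continue  # non-numeric spans are not this check's concern
            # More than 5 significant digits always exceeds both limits;
            # checking length first avoids converting absurdly long strings.
            if len(digits.lstrip("0")) > 5 or int(digits) > limit:
                self.findings.append((line, tag, name, digits, limit))


def audit_spans(html_text):
    """Return a list of oversized span attributes found in html_text."""
    auditor = SpanAuditor()
    auditor.feed(html_text)
    auditor.close()
    return auditor.findings


# Constructed sample: the advisory's markup followed by a benign table.
SAMPLE = """<HTML>
<TABLE>
<TR><TD ROWSPAN=2000000000>
</TABLE>
<table><tr><td rowspan="2" colspan="3">ok</td></tr></table>
"""

if __name__ == "__main__":
    for line, tag, name, digits, limit in audit_spans(SAMPLE):
        print(f"line {line}: <{tag} {name}={digits}> exceeds {limit}")
```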