| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <446272A1.50002@zipman.it> Date: Thu, 11 May 2006 01:09:21 +0200 From: Flavio Visentin <THe_ZiPMaN@...man.it> To: bugtraq@...urityfocus.com Subject: Re: Firefox 1.5.0.3 - DoS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 p4.werterxyz@...il.com wrote: > test2: > http://werterxyz.altervista.org/test2.html > http://geocities.com/werterxyz/test2.html * Mozilla claims this is a security bug with normal severity. https://bugzilla.mozilla.org/show_bug.cgi?id=334341 * Secunia classify this as a not critical security bybass. http://secunia.com/advisories/19698/ * Some days ago yesn@...n.com claimed that this was a "code execution exploit". (LOL) * Now this guy claims this is a "Denial of Service". (ROTFL) Maybe someone should explain this people which is the differences between a security threat, an application bug, and an expected behaviour. This is a DoS as the following. I found a new denial of service vulnerability in Windows CMD.EXE that affects all Windows versions that have the CMD.EXE executable. The user must execute a new shell and write this text followed by the Enter button: for /l %i in (1,1,10000) do explorer.exe - -- Flavio Visentin GPG Key: http://www.zipman.it/gpgkey.asc There are only 10 types of people in this world: those who understand binary, and those who don't. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEYnKhusUmHkh1cnoRAiHcAJ0aA9n+kFBSuP3De6zdZBDTwBI+YgCeI3fb n2QLWmC7JxAwEmR+lPWcLIU= =I+Iu -----END PGP SIGNATURE-----
Powered by blists - more mailing lists