lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200605151955.08591.leander@blanet.dk>
Date: Mon, 15 May 2006 19:55:08 +0200
From: "Leif Erik Andersen (at Seven)" <leander@...net.dk>
To: bugtraq@...urityfocus.com
Subject: Re: JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space


Hi Marc

You wrote to bugtraq:
> Quite a while ago I was testing  with applets and found
> this by accident. It is definitely not a big issue, but worth
> to mention, as I discovered that an applet was eating up all the
> free space on the harddrive by allocating a large file in
> the users hidden temp dir (filename is something like
> +~JF57558.tmp ).
>
> Even when leaving the page the applet continues to work due
> to the broken event management between the browser
> and the JVM and after quitting the browser the temp file
> is not deleted.
> Therefore it leaves the machine in a terrible state, with
> no available space left, necessary for automatic security updates.
> And I am just transferring zero bytes but more harmful payload is
> certainly possible.
>
> Java is supposed to work similar on all platforms (write
> once, crash everywhere :-). So please tell me whether
> the following link fills up your hard disk
> (use on your own RISK, of course):
> http://www.illegalaccess.org/exploit/FullDiskApplet.html

The same happened on my Linux Fedora Core 4 workstation with Konqueror 
3.4.2-0.FC4.1 and Java JDK1.5.0_01. It filled the root partitition 
(where /tmp is on my system) with about a 500 mb temp-file in no time. The 
file disappeared while I wrote this report, though, after terminating the 
Konqueror-window.

Regards
-- 
Leif Erik Andersen, leander@...net.dk
BLA*net


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ