lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20061102233023.D38321600A3@poczta.interia.pl>
Date: 03 Nov 2006 00:30:23 +0100
From: OOZIE <oozie@...zta.fm>
To: bugtraq@...urityfocus.com
Subject: Re: Firefox 1.5.0.7 Exploit

Hi! 

> <!--
> 
> Do 2 Nov 16:35:53 CET 2006
> Vulnerable: Firefox 1.5.0.7 and probably versions below
> Impact: DoS (perhaps Code Execution)
> 
> As Firefox 2.0 was released a few days ago...
> A "new" Exploit for the old version!
> The great Firefox! ;D
>
[...]
>
> If the URL is bigger than 4092 bytes, Firefox crashes!
> The URL in the following code is 4093 bytes!
> 
> Greets: Oli
> 
> Always looking for a nice talk: http://d-e-k-a-d-e-n-t.de/blog
> 
> -->

I use SUSE 10.1 with updated Firefox 1.5.0.7, unfortunately, I was unable to
reproduce this behaviour on 32bit AMILO Pro V2030. Not only with your URL-exploit,
I tried many different ones based on your hints. No success. 

Best Regards,
OOZIE

----------------------------------------------------------------------
PS. >>> http://link.interia.pl/f19a6

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ