| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Feb 2009 20:12:12 +0100 From: Rolphin <rolphin@...e.fr> To: XiaShing@...il.com Cc: bugtraq@...urityfocus.com Subject: Re: Denial of Service using Partial GET Request in Mozilla Firefox 3.06 Hi, How is this related to Firefox ? See further: On Feb 12, 2009, at 09:14 , XiaShing@...il.com wrote: > ============================================================ > !vuln > Mozilla Firefox 3.06 > Previous versions may also be affected. > ============================================================ > > ============================================================ > !risk > Medium > There are currently many users using Mozilla Firefox. > However, there has been no confirmation of remote execution > of arbitrary code yet. > ============================================================ > > ============================================================ > !info > Tested on: > Windows Vista Version Service Pack 1 Build 6001 > Processor Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz, > 2401 Mhz, 2 Core(s), 2 Logical Processor(s) > > User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; > rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 > (.NET CLR 3.5.30729) > ============================================================ This is the firefox user agent string... > > > ============================================================ > !discussion > The Partial GET Request (HTTP 206 Status Code) of a WAV file > results in a Denial of Service of the application. > > Last HTTP packet from Firefox before the DoS is listed below > in RAW format: > GET /fpaudio/footprints_waves.wav HTTP/1.1 > Accept: */* > User-Agent: NSPlayer/11.0.6001.7001 WMFSDK/11.0 Is this firefox ? > > UA-CPU: x86 Only MS set this header... > > Accept-Encoding: gzip, deflate > Range: bytes=34848- > Unless-Modified-Since: Mon, 09 Jul 2007 12:44:57 GMT > If-Range: "4f0018-440f2-434d403204440" > Host: www.footprints-inthe-sand.com > Connection: Keep-Alive This is not firefox. > > > The OK GET Request (HTTP 200 Status Code) of the WAV file is > listed below in RAW format: > GET /fpaudio/footprints_waves.wav HTTP/1.1 > Accept: */* > User-Agent: Windows-Media-Player/10.00.00.3802 > UA-CPU: x86 Oh ! It's seems that you've found the problem... May be a bug in the Windows Media Player ? Did your try this on IE ?
Powered by blists - more mailing lists