lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20031019075405.10896.qmail@webmaildomini2.aruba.it>
From: dante at alighieri.org (Davide Del Vecchio)
Subject: Re: Pure html DOS although some version require minor user interaction ( highlighting/minimising )

Konqueror 3.1.3 causes high cpu usage until the page has been loaded,
but the system continue working quite good. 

d. 

Thomas Rogg writes: 

> am 18.10.2003 6:29 Uhr schrieb John unter mccann@...icon.net: 
> 
>> Basicly this simple employees a HEAP of <big> tags and only requires a
>> single closing tag. Someone versions on view will die others require
>> something to activate rendering I assume this could be done via a java
>> script. 
>> 
>> Proof of concept 
>> 
>> http://www.lexicon.net/mccann/t.html 
>> 
>> Mozilla doesn't crash some version my experience high cpu usage while
>> rendering also the layout will be stuffed but it is also a problem with
>> overflowing font sizes.
>> Opera untested.
>> Other untested.
> Tried it twice, crashed IE 5.0 (didn't know I still had it on my hard drive)
> under Mac OS 9 both times and took the whole system with it (OS 9 doesn't
> have any memory protection etc). 
> 
> Nice work. 
> 
> -- Thomas 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Davide Del Vecchio "Dante Alighieri" dante@...ghieri.org
http://www.alighieri.org
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ