lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <25225614.20040813005957@SECURITY.NNOV.RU>
From: 3APA3A at SECURITY.NNOV.RU (3APA3A)
Subject: driver for display goes to a infinite loop by viewing a html!

Dear bipin gautam,

Of  cause, I experimented and found maximal value for IE 5 (2999999). In
my  tests  result was different from freezing PC (on S3 and VooDoo cards
under  NT  4.0) to only freezing IE itself (probably some Intel cards on
Windows  9x),  but  I did my tests for only Windows NT and 95/98 (it was
early  2000).  I  did not large research, because 4 years ago ability to
crash  host  remotely  via  client application was never considered as a
security  bug  (even  DoS  attacks  against server applications were not
treated  seriously  and  only  Gunninski care about things like crossite
scripting, this term became widely used later).

Sorry,  I  never  meant  to  blame  you  in stealing this information or
something. It was good catch and it's very common situation same problem
is  rediscovered  after  few  years  (I  was  in this situation for many
times). I'm just curious about same bug still unpatched for over 4 years
and  how  different  reaction  was  now  and 4 years ago. It's a kind of
nostalgie.  I  bet  with  this  tendencies in 2010 most bugs reported on
security  lists  are  something like interface spoofing, ineffective CPU
and  memory  usage,  etc.  World  is  changing :) It's time to release a
couple  of advisories for things never treated seriously before to check
reaction.

--Thursday, August 12, 2004, 7:18:09 PM, you wrote to full-disclosure@...ts.netsys.com:

bg> hello 3APA3A,


>>This problem is known for years.

>>http://seclists.org/lists/vuln-dev/2001/Jun/0102.html
>>http://www.security.nnov.ru/advisories/ie5freeze.asp?l=RU
>>http://www.security.nnov.ru/files/ie5hang-nojs.asp


bg> kinda coincidence but i doubt it... did you ever
bg> discussed/noticed the VGA thing???

bg> you just experimented it with a big resiged image,
bg> fine!!! well but if you use a image width with more
bg> than 7 char, the browser just ignores the
bg> file.......... and hay it didn't crashed my system
bg> with a image width of 99999999, but it crashed it with
bg> a image width of 9999999 [8 charecter or more]
bg> [i'ven't experimented with other digits!!!] but if you
bg> have image width below that... it just freezes the
bg> browser, mothing more!!! no system crashes, nothing
bg> (O; [as in your case!!!]

bg> ps: * SuSE 9 shows 100% CPU use, and the disk is very
bg> active. 

bg> * A person wrote me, his linux used 100% cpu and dead
bg> slow.


bg> best regards,
bg> bipin



	
		
bg> __________________________________
bg> Do you Yahoo!?
bg> New and Improved Yahoo! Mail - 100MB free storage!
bg> http://promotions.yahoo.com/new_mail 

bg> _______________________________________________
bg> Full-Disclosure - We believe in it.
bg> Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
~/ZARAZA
?? ???? ???? ?????? ????? ?????? ? ?????? ????, ????? ? ????????. (???)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ