lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <687772742.20090528231545@Zoller.lu>
Date: Thu, 28 May 2009 23:15:45 +0200
From: Thierry Zoller <Thierry@...ler.lu>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: [TZO-27-2009] Firefox Denial of Service
	(Keygen)

Hi Travis,

With all due respect:

>A memory leak in an interactive program that requires you to view a hostile
>page for 9hours is clearly of negligible security impact.
Ok I will take the strawman :

The impact is Denial of Service.

Ignoring  that  this  discussion is of *any* interest to anybody
or even for this overly stupid problem :
- 9 hours for 300+ megabytes
- x minutes for x bytes

Only a few bytes of "k" leads to the compromises of the private key.
(DSA).  Does  this  matter,  not  really.  It's your key anyways. Does
something  "leak" to somewhere were it's not supposed to be, no. Memory
is just not correctly freed.

---
I'm sure that if you were to familiarise yourself with the some of the
rudimentary concepts involved in dynamic memory allocation you will
understand their decision.
---
Yep,   I  am  an  ignorant  idiot,  can  we move on now ? If *you* can't
imagine a setup or extreme border case where (as example) entropy that
is being collected is indirectly affected, be it in quality of entropy
or size, then clearly *I*  must  be  the idiot that doesn't understand the
concept of memory allocations.

---
Rest assured, there is zero possibility that a memory leak can result in
"reduced entropy, weak key material etc" as you mentioned in email.
----
If you want to discuss further I'd recommend to take it off list.

General comment: I am  interesting  to  see  the  kind  of feedback I
get  when  posting an Firefox bug as opposed to bugs of other vendors.
It's almost like you hit a little boy and everybody steps into for
his defence.

Anyways, too much noise for such a stupid, near irrelevant but.



-- 
http://blog.zoller.lu
Thierry Zoller

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ