Bugtraq mailing list archives

Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities)

From: "Jeffrey W. Baker" <jwbaker () acm org>
Date: Wed, 18 Jul 2001 09:54:12 -0700 (PDT)



On Wed, 18 Jul 2001, Ishikawa wrote:

The next is a showstopper.
The problem URL that caused the hung of browser,
at least, on my PC is the following.

    file:///dev/pty0

This locked my netscape navigator solid.
I had to kill it using kill command from another
xterm window. X didn't get hung, etc..
Since trying other devices may cause more severe problems
I stopped testing here.


Using <img src="file:///dev/tty0"> on my Linux machine caused Netscape and
Mozilla both to eat all the keyboard input.  I had to use another machine
to kill it.  I expected Netscape to NOT open file URIs from within a page
fetched via !file (http, https, ftp, gopher, etc.).

-jwb

Current thread:

Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Ishikawa (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Robin Houston (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) David F. Skoll (Jul 18)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) aland (Jul 18)
  - Internet Explorer file:// URL issues Chad Loder (Jul 19)
  - Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Glynn Clements (Jul 19)
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Jeffrey W. Baker (Jul 18)
- Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) Richard Kettlewell (Jul 19)
  - Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) George Staikos (Jul 20)
- <Possible follow-ups>
- Re: Linux, too, sot of (Windows MS-DOS Device Name DoS vulnerabilities) der Mouse (Jul 19)