Full Disclosure mailing list archives
Re: DoS vulnerability in Internet Explorer
From: "MustLive" <mustlive () websecurity com ua>
Date: Wed, 2 Jun 2010 21:38:36 +0300
Hello Laurent!

You was left almost on two years. In October 2008 I released exploits for blocking DoS with alertbox which affect many browsers ;-). As you can find in my post DoS in Firefox, Internet Explorer and Google Chrome (http://websecurity.com.ua/2575/). I showed three variants of this attack, to show the possibilities of bypassing browsers' protection.

If you, Laurent, who is trying to show himself as a security professional, didn't know, I'll tell you that already in 2008 there were browsers which could block such attacks. So your statement "in every browser finally" has been incorrect for two years already. And in my post I published three exploits for such a DoS attack, and the third one bypassed Google Chrome's protection (versions 0.2.149.30 and 0.3.154.9 at that time). But Opera 9.52 was not affected at all. So Opera was the most secure browser for this particular attack :-).

During 2008-2010 I released a lot of different exploits of blocking DoS and other types of DoS for different browsers. And I posted about these holes to SecurityVulns (http://securityvulns.com/source15611.html).

And note that in this particular letter, to which you replied, I talked about IE and about DoS without using any loops, just one small string with an expression in style.
Sorry Mustlive, I understand you need to see this in clear text finally. I guess ASCII is the best to communicate with you;
You didn't understand, Laurent. The best and only way to communicate with me is cultural communication. If you can't speak with me in a cultural manner, then better don't write me at all.

Because I don't have to teach you good manners, and if you continue to write me in such a not serious tone, then I'll just ban you. So if you want to be put into my blacklist, you only need to write me about it or write me one more not serious letter. And I quickly fix this issue.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

----- Original Message -----
From: "Laurent Gaffie" <laurent.gaffie () gmail com>
To: "MustLive" <mustlive () websecurity com ua>
Sent: Tuesday, June 01, 2010 4:50 PM
Subject: Re: [Full-disclosure] DoS vulnerability in Internet Explorer
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Full-Disclosure!

I want to warn you about a Denial of Service in every browser finally !!!
It actually affects every browser with a javascript engine built in !!!
Adobe may be vulnerable too !!!!

PoC :

<html>
<head><title>0n0z</title></head>
<body>
<script type="text/javascript">
for (i=0;i<65535;i++) {
    alert('0n0z mustlive got you, now you're fucked, the only solution is to restart your browser or be faster than JS !!!');
}
</script>
</body>
</html>

Greetz to Mustlive () oswap com ua

On 01/06/10 22:42, MustLive wrote:

Hello Full-Disclosure!

I want to warn you about a Denial of Service vulnerability in Internet Explorer, which I already disclosed at my site in 2008 (at 29.09.2008). But recently I made new tests concerning this vulnerability, so I decided to remind you about it.

I know this vulnerability for a long time - it's a well-known DoS in IE. It works in IE6, and after the release of IE7 I hoped that Microsoft fixed this hole in the seventh version of the browser. But as I tested at 29.09.2008, IE7 was also vulnerable to this attack. And as I tested recently, IE8 is also vulnerable to this attack.

Also I informed Microsoft at 01.10.2008 about it, but they ignored it and didn't fix it. They didn't fix the hole in IE6, nor in IE7, nor in IE8.

That time I published about this vulnerability at SecurityVulns (http://securityvulns.com/Udocument636.html).

DoS:

Vulnerability concerned with the handling by the browser of expression in styles, which leads to blocking of the work of IE.

http://websecurity.com.ua/uploads/2008/IE%20DoS%20Exploit4.html

Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet Explorer 7 (7.0.6000.16711), Internet Explorer 8 (8.0.7600.16385) and previous versions.

To Susan Bradley from Bugtraq:

This is one of those cases, which I told you about before, when browser vendors ignore fixing DoS holes in their browsers for many years.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/