Full Disclosure mailing list archives

Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit

From: information security <informationhacker08 () gmail com>
Date: Thu, 4 Mar 2010 09:45:23 +0530

i had check this code  in 64 bit computer  it works
but why this code only work for Mozilla  browser not in Internet Explorer
and
also thanks Jeff  for all your comment :)
In India a famous Poet kabir says "keep your critic next to you he is your
best friend!"  :)

Asheesh kumar Mani Tripathi







On Wed, Mar 3, 2010 at 4:19 PM, Jeff Williams <jeffwillis30 () gmail com>wrote:

Sure;

Mozilla by default recover any "lost" tabs by itself, then no worry for
your "users" considerations.

Now sparky, who will be stupid enough to launch a botnet that sets a web
page containing a document.write "A" * 2000000000000000000 on them
compromised hosts ?

You tell me.



2010/3/3 information security <informationhacker08 () gmail com>

Thanks Valdis .Jeff for all your comment
yes my small-penis machine running out of RAM and swap space ...: ......
:)and i believe that Mozilla get crash ...........:(
can you tell me how to fix that people don't become victim from this
attack  people with having 34 bit Computer
or people having small -penis machine change into big-penis machine :)



On Wed, Mar 3, 2010 at 12:37 AM, <Valdis.Kletnieks () vt edu> wrote:

On Tue, 02 Mar 2010 20:02:37 PST, information security said:

open in Mozilla Firefox and wait for 15 sec ...... :) and say Good Bye


Sorry, your exploit doesn't do squat on a 64-bit Firefox 3.7a3 with
plenty of
RAM. It chugs for about 7-8 seconds and displays a *very* wide page.  It
must
be your small-penis machine running out of RAM and swap space. :)

Hint - this issue was well understood back in 1964. Literally. IBM's
OS/360 had
a GETMAIN macro that allocated storage that could encounter this same
basic
"out of memory" issue.  So not only is this a non-bug that was known when
you
were still being toilet-trained, this may be the first recorded case of
somebody reporting a non-bug that was known when their *parents* were
still
being toilet-trained.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit information security (Mar 02)
- Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Jeff Williams (Mar 02)
- Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Valdis . Kletnieks (Mar 03)
  - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit information security (Mar 03)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Jeff Williams (Mar 03)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit information security (Mar 03)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Rohit Patnaik (Mar 07)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit information security (Mar 09)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Kaddeh (Mar 09)
    - Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit Fionnbharr (Mar 10)