Bugtraq mailing list archives
Linux, too, sort of (Windows MS-DOS Device Name DoS vulnerabilities)
From: Ishikawa <ishikawa () yk rim or jp>
Date: Wed, 18 Jul 2001 06:00:16 +0900
While we can bash MS-Windows due to the problems mentioned, we should not forget that a famous browser client on Linux is similarly guilty.

I tried the following URLs with my netscape browser under Linux.

file:///dev/null returns immediately saying there is no data. Good.

file:///dev/zero doesn't crash the browser nor OS, but it sucks CPU time nevertheless since it tries to read the data forever until I pushed the stop button.

The next is a showstopper. The problem URL that caused the browser to hang, at least, on my PC is the following.

file:///dev/pty0

This locked my netscape navigator solid. I had to kill it using kill command from another xterm window. X didn't get hung, etc.

Since trying other devices may cause more severe problems I stopped testing here.

So, at least the netscape navigator client seems to have similar problems discussed, and I have no idea if there is a clear-cut cure for this. (My guess is that any OS that makes devices available as part of filesystem has some problems in this regard if the devices in question are accessible by the user/web account.)

If someone wants to be nasty, he/she can create a web page with URLs inside <IMG SRC="these device files" ....> listing DOS devices as well as these popular UNIX devices.

As someone mentioned, we can't predict what other device files may show up in the future by addition of new hardware drivers. One may be tempted to block all the files below /dev inside the browser/servers. Could this be a cure for this problem under linux/UNIX? (Yes, I know we can have devices under different places. But I am not sure if the devices under non-standard places can be used for DoS attacks in the browser context I mentioned above.)

Linux version.
Linux duron 2.4.6 #27 Wed Jul 11 05:08:01 JST 2001 i686 unknown

Netscape is 4.77.
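On the question of blocking everything below /dev: the following is an added example, not part of the original post and not Netscape's code, showing a check by file type rather than by path, so that device nodes, FIFOs and ttys are refused wherever they live. The function name `open_regular_file` is hypothetical.

```c
/* Added example (not from the original post): reject by file type,
 * not by a /dev path prefix. open_regular_file() is a hypothetical name. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns a readable fd for a regular file, or -1 with errno set. */
int open_regular_file(const char *path)
{
    struct stat st;

    /* Pre-check: merely opening some devices has side effects,
     * so refuse anything that is not a regular file before open(). */
    if (stat(path, &st) != 0)
        return -1;
    if (!S_ISREG(st.st_mode)) {
        errno = EINVAL;
        return -1;
    }

    /* O_NONBLOCK: if the path was swapped for a FIFO or tty after the
     * pre-check, open() still must not hang. O_NOCTTY: never acquire a
     * controlling terminal. */
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_NOCTTY);
    if (fd < 0)
        return -1;

    /* Re-check the descriptor: this is the object actually opened. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++) {
        int fd = open_regular_file(argv[i]);
        printf("%s: %s\n", argv[i], fd >= 0 ? "regular file, ok" : "refused");
        if (fd >= 0)
            close(fd);
    }
    return 0;
}
```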