Full Disclosure mailing list archives
Re: Apple Safari ... DoS Vulnerability
From: "Valdis' Mustache" <security.mustache () gmail com>
Date: Tue, 3 Mar 2009 00:29:53 -0500
Jason, Initially I was not amused by your sententious and self-righteous reply, coming as it does from someone apparently unable to read GCC documentation, someone whose very question on this very list resulted in substantial wasting of time by the owner of this very mustache (time that might better be spent combing and waxing me) answering your rudimentary question in the most obtuse and abstract way possible. Nonetheless, I will overlook your slight this once, because it appears that while less than adept at the use of various Internet Lists, you are an accomplished sportsman. http://www.youtube.com/watch?v=wvYKxRmGiAA Indeed, since this mustache itself weighs far less than the 145kg hefted in the above film, I fear you could in fact rip me quite unceremoniously from my owner's face, which would cause both of us substantial harm. As such, I will pay you the respect that your girth deserves, if not your intellect. Your humble servant, Mustaţa de Valdis On Mon, Mar 2, 2009 at 11:57 PM, Jason Starks <jstarks440 () gmail com> wrote:
Grow up, really. On Mon, Mar 2, 2009 at 11:41 PM, Valdis' Mustache <security.mustache () gmail com> wrote:I would like to point out that I have been able to create a "hung" state in the Firefox browser by opening 30 simultaneous tabs pointed at http://www.welcometointernet.org/lawnmower/ and adding a 31st tab viewing http://www.hotrussianbrides.com. Also, I am not amused. Your humble servant, Ze Mustache von Kletnieks On Mon, Mar 2, 2009 at 10:29 PM, <bobby.mugabe () hushmail com> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Nick, You and Thierry Loller are wrong. - -bm On Mon, 02 Mar 2009 21:28:17 -0500 Nick FitzGerald <nick@virus- l.demon.co.uk> wrote:Chris Evans to Thierry Zoller:Example If a chrome tab can be crashed arbritarely (remotely) it is aDoS attackbut with ridiculy low impact to the end-user as it onlycrashes the tabit was subjected to, and not the whole browser or operationsystem.But the fact remains that this was the impact of a DoScondition,the tab crashes arbritarily.Eh? If you visit www.evil.com and your tab crashes, that's no different from www.evil.com closing its own tab with Javascript.But what if www.evil.com has run an injection attack of some kind (SQL, XSS in blog comments, etc, etc) against www.stupid.com? Visitors to stupid.com then suffer a DoS... Yes, stupid.com should run their site better, fix their myriad XSS holes, etc, etc. But this is the Internet, so this "software flaw" can be leveraged as security vulnerability. I'm with Thierry on this... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkmso8YACgkQhNp8gzZx3sj93AP/a+oFmgLbU2Elo0livpG3c6Qvh8+0 b69LocD4LJmaR3NR4H7AHZYJiqm1TegwdTvtgY4sZd0lXi5EKZYTJMl9tj2Pd53fxXFm 7eK5yf6oRGggrdOLyDjRkMV3bVnOppwXviMHdk8quxx8sDRxA99ZlKKUA40RXFa5eAhp UpXIZ1s= =zgqd -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace. http://tagline.hushmail.com/fc/BLSrjkqfMmg6RbMKs4GE43pzNkcKJRWafc7cDXj4iASDyccuLtQA2i9f1le/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Apple Safari ... DoS Vulnerability, (continued)
- Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Stuart Dunkeld (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 03)
- Re: Apple Safari ... DoS Vulnerability jf (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Pavel Kankovsky (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jim Parkhurst (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 03)