Full Disclosure mailing list archives
Re: Apple Safari ... DoS Vulnerability
From: Jason Starks <jstarks440 () gmail com>
Date: Tue, 3 Mar 2009 17:54:51 -0500
Mr. Mustache, There is a missing "s" on the end of my last name. Yours truly, Jason "Bench Press" Starks On Tue, Mar 3, 2009 at 5:45 PM, <bobby.mugabe () hushmail com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mr. Stark, Adhering to the tradition of my fathers, I do not sport any facial hair and take offense to your comment, and since you're obviously lacking basic observational skills I highly doubt you're even as talented as my Cadburys, at anything. - -bm On Tue, 03 Mar 2009 11:11:35 -0500 Jason Starks <jstarks440 () gmail com> wrote:Mr. Mustache, it is obvious that I have more talent than a box of chocolates, and that you envy the sadistic nature of your fellow trolls on this list. Point blank. On Tue, Mar 3, 2009 at 6:18 AM, <bobby.mugabe () hushmail com> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Valdis, I have been able to reproduce a similar situation using Firefox under MacOSX, using different websites and a significantlylargernumber of tabs. Do you think these issues might be related orarethey operating system specific? What model of CPU were youtestingthis issue under? Thanks, - -bm On Mon, 02 Mar 2009 23:41:53 -0500 Valdis' Mustache <security.mustache () gmail com> wrote:I would like to point out that I have been able to create a"hung"state in the Firefox browser by opening 30 simultaneous tabs pointed at http://www.welcometointernet.org/lawnmower/ and adding a31sttab viewing http://www.hotrussianbrides.com. Also, I am not amused. Your humble servant, Ze Mustache von Kletnieks On Mon, Mar 2, 2009 at 10:29 PM, <bobby.mugabe () hushmail com> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Nick, You and Thierry Loller are wrong. - -bm On Mon, 02 Mar 2009 21:28:17 -0500 Nick FitzGerald<nick@virus-l.demon.co.uk> wrote:Chris Evans to Thierry Zoller:Example If a chrome tab can be crashed arbritarely (remotely) itisaDoS attackbut with ridiculy low impact to the end-user as it onlycrashes the tabit was subjected to, and not the whole browser oroperationsystem.But the fact remains that this was the impact of a DoScondition,the tab crashes arbritarily.Eh? If you visit www.evil.com and your tab crashes, that'snodifferent from www.evil.com closing its own tab withJavascript.But what if www.evil.com has run an injection attack of somekind(SQL, XSS in blog comments, etc, etc) against www.stupid.com? Visitors to stupid.com then suffer a DoS... Yes, stupid.com should run their site better, fix theirmyriadXSSholes, etc, etc. But this is the Internet, so this "software flaw" can beleveragedas security vulnerability. I'm with Thierry on this... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmso8YACgkQhNp8gzZx3sj93AP/a+oFmgLbU2Elo0livpG3c6Qvh8+0b69LocD4LJmaR3NR4H7AHZYJiqm1TegwdTvtgY4sZd0lXi5EKZYTJMl9tj2Pd53fxXFm7eK5yf6oRGggrdOLyDjRkMV3bVnOppwXviMHdk8quxx8sDRxA99ZlKKUA40RXFa5eAhpUpXIZ1s= =zgqd -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace.http://tagline.hushmail.com/fc/BLSrjkqfMmg6RbMKs4GE43pzNkcKJRWafc7cDXj4iASDyccuLtQA2i9f1le/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified athttps://www.hushtools.com/verifywpwEAQMCAAYFAkmtEaMACgkQhNp8gzZx3shZFwQAjiE2W/WUkNHrLIu1lBRz6oeDVrk nTmV8TCcaDpsvkRmhNrKFXYObPEatdJ0po7Iul333mllga8+elMukkH15J7BwUZdGlNA 5wpE6zNx8ks6L9qS9UxklE8BErdTfUY/OF5FK4aZ92JcngL1xFTkZlDJS0lvIKGry3vj uP7xAvvQ= =avqi -----END PGP SIGNATURE----- -- Click to find great rates on health insurance, save big, shophere.http://tagline.hushmail.com/fc/BLSrjkqeRcNd9NCXSJiZxV7gq821SXvgq2GW ai39WLJo4QlOxYCnjxaqn9u/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkmtsnoACgkQhNp8gzZx3sgiJwQAnL87haXBbGW80ORA4Ufa7Leh0JSg XyPSdH32tRZUA+dJaRhoaWJt6HqaKAEltZgsqkrwsA6pTgIIx/IKYdRATBqsrdaBwrFM kKhLez2kSeOcODLg1OOpGZ4EwQgZws/Qh1sMQOYjCpBF1W2/q+wvwV8Y8xn4V2MdK4CL XTUWWLI= =FOnb -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace. http://tagline.hushmail.com/fc/BLSrjkqfMmd367qFNEy5ii9ij3bU6df9tEPVYBzpFXa7E7s6QHH4MsdQbb6/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Apple Safari ... DoS Vulnerability, (continued)
- Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 02)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 02)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jim Parkhurst (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability M.B.Jr. (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability bobby . mugabe (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 03)
- Re: Apple Safari ... DoS Vulnerability Jason Starks (Mar 04)
- Re: Apple Safari ... DoS Vulnerability Valdis' Mustache (Mar 04)