Full Disclosure mailing list archives
DoS vulnerability in Mozilla Firefox
From: "MustLive" <mustlive () websecurity com ua>
Date: Sun, 20 Sep 2009 23:59:06 +0300
Hello Full-Disclosure! This is my second letter to this list. Like in case of my previous letter to this list, I already sent this letter to Bugtraq (at 15th of September), but they declined to post it without any explanation (which is becoming tradition for them :-), earlier moderator at least wrote explanations, but now he has a "words crisis"). I hope with Full-Disclosure list everything will be much better. Insignificancy of Bugtraq forces me to look at this list. When I read description of this list at seclists.org, before writing of my first letter, I found it less nice then Bugtraq's description. But I'll try to contribute my share to change situation with list's image and we'll see who is #1 security list ;-). I want to warn you about Denial of Service vulnerability in Mozilla Firefox. Attack is based on idea of using of pkcs11.addmodule by Dan Kaminsky. Attack belongs to type of blocking DoS (http://websecurity.com.ua/2550/). I wrote already about blocking DoS vulnerabilities and it's new one. DoS: http://websecurity.com.ua/uploads/2009/Firefox%20DoS%20Exploit2.html With the exploit Firefox blocks. Vulnerable are all versions of Mozilla and Mozilla Firefox 3.0.13 and previous versions. I mentioned about this vulnerability at my site (http://websecurity.com.ua/3500/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DoS vulnerability in Mozilla Firefox MustLive (Sep 21)
- Re: DoS vulnerability in Mozilla Firefox YGN Ethical Hacker Group (http://yehg.net) (Sep 21)
- Re: DoS vulnerability in Mozilla Firefox MustLive (Sep 30)
- Re: DoS vulnerability in Mozilla Firefox YGN Ethical Hacker Group (http://yehg.net) (Sep 21)