[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: MS Internet Explorer 7 Denial Of Service Exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
From: craig@xxxxxxxxxx
Date: Sat, 22 Nov 2008 02:05:17 -0700

On Konqueror 3.5.9, what happens is that this childish code builds a huge 
string, eats memory, causes swapping, and finally blows away Konq.  Linux and X 
and everything else stay up and recover nicely.  (Gentoo/AMD64X2/3G mem)

This isn't an exploit -- at least not on Linux -- it's just kiddie stupidity.  
It doesn't take any particular cleverness to blow memory by dynamically 
creating bigger and bigger data structures.  With virtual memory and 64-bit 
pointers, when exactly do we return -ENOMEM?

Follow-Ups:
- Re: MS Internet Explorer 7 Denial Of Service Exploit
  - From: Nick Kirby
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit
  - From: Glynn Clements

Prev by Date: [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack
Next by Date: [SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code
Previous by thread: [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack
Next by thread: Re: MS Internet Explorer 7 Denial Of Service Exploit
Index(es):
- Date
- Thread