Bugtraq: Re: Re: MS Internet Explorer 7 Denial Of Service Exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Re: MS Internet Explorer 7 Denial Of Service Exploit

From: craig () airnet net
Date: Sat, 22 Nov 2008 02:05:17 -0700

On Konqueror 3.5.9, what happens is that this childish code builds a huge string, eats memory, causes swapping, and 
finally blows away Konq.  Linux and X and everything else stay up and recover nicely.  (Gentoo/AMD64X2/3G mem)

This isn't an exploit -- at least not on Linux -- it's just kiddie stupidity.  It doesn't take any particular 
cleverness to blow memory by dynamically creating bigger and bigger data structures.  With virtual memory and 64-bit 
pointers, when exactly do we return -ENOMEM?

By Date By Thread

Current thread:

Re: Re: MS Internet Explorer 7 Denial Of Service Exploit craig (Nov 22)
- Re: MS Internet Explorer 7 Denial Of Service Exploit Nick Kirby (Nov 24)
- Re: Re: MS Internet Explorer 7 Denial Of Service Exploit Glynn Clements (Nov 24)
- <Possible follow-ups>
- Re: Re: Re: MS Internet Explorer 7 Denial Of Service Exploit 0xjbrown41 (Nov 24)