mailing list archives
Netscape Communicator META Refresh Denial of Service
From: full-disclosure () lists netsys com (Matthew Murphy)
Date: Sat, 20 Jul 2002 12:53:08 -0500
The "META" tag can be used to specify several things, including
document properties, and HTTP headers. Among the HTTP
header equivalents it can specify is a "Refresh" member.
Refresh has this syntax:
<meta http-equiv="refresh" content="[delay]; URL=[page]">
delay - A number of seconds to wait for reload. If omitted,
no delay is observed and the page is refreshed immediately.
page - This is the URL to navigate to when the refresh occurs
If a META Refresh navigates to itself with no delay, Netscape
will loop, causing a stupid DoS.
I tested this on Netscape 6.2.1 for Win9x/Me, but other versions
may be vulnerable.
"The reason the mainstream is thought
of as a stream is because it is
- Author Unknown
- Netscape Communicator META Refresh Denial of Service Matthew Murphy (Jul 20)