Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Netscape Communicator META Refresh Denial of Service
From: full-disclosure () lists netsys com (Matthew Murphy)
Date: Sat, 20 Jul 2002 12:53:08 -0500

The "META" tag can be used to specify several things, including
document properties, and HTTP headers.  Among the HTTP
header equivalents it can specify is a "Refresh" member.

Refresh has this syntax:

<meta http-equiv="refresh" content="[delay]; URL=[page]">

delay - A number of seconds to wait for reload.  If omitted,
no delay is observed and the page is refreshed immediately.

page - This is the URL to navigate to when the refresh occurs

If a META Refresh navigates to itself with no delay, Netscape
will loop, causing a stupid DoS.

I tested this on Netscape 6.2.1 for Win9x/Me, but other versions
may be vulnerable.

"The reason the mainstream is thought
of as a stream is because it is
so shallow."
                     - Author Unknown

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]