[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Browser bugs [DoS] - Do they bite?
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: [Full-Disclosure] Browser bugs [DoS] - Do they bite?
- From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
- Date: Sun, 11 Apr 2004 01:32:34 -0700
> > Browser bugs [DoS] ... where will you draw a line?
>
> DoS bugs that cause permanent damage are treated differently, of course.
> For example, I could imagine a bug that would corrupt some critical file
what about Browser bugs[DoS] a XSS vunerable site?
simple javascript leveraged against a host that has a XSS issue.
so if you could embed <script>javascript:location.reload()</script>
in a high traffic, XSS'able site, you could cause a denial of service
to the webserver from the users trying to view the site.
http://host/stupidscript?someoption=<script>javascript:location.reload()</script
>
will continuily refresh to http://host/stupidscript , since it is XSS'able, the
server
returns the script only to be executed again and again and ( you get the
picture )
could be used legitematly for a "net-sit-in" to deny a site as well.
see: http://nothackers.org/pipermail/0day/2003-October/000236.html
and exactly why does this produce such an odd result?
http://ws.arin.net/cgi-bin/whois.pl?queryinput=<script>javascript:location.reloa
d()</script>
Search results for:
(N) orwegian Telecommunications Administration (OTA)
(A) sian Development Bank (SDB-1)
USDA - Office of Operations (UOO)
Shipleys Donut Shops
( yum! donuts. but they did fix thier XSS )
m.wood
http://exploitlabs.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html