Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Mozilla Firefox 1.0.7 DoS Exploit

Hemos posted more than 8 years ago | from the to-be-confirmed-or-not-confirmed dept.

Mozilla 438

An anonymous reader writes "Whitedust Security are reporting on a new exploit for Firefox which apparently affects all versions of the browser from 1.0.7 down. From the article: "If this exploit has made it out into, or indeed been retrieved from the wild is unknown at this time. However it is clear that this exploit will indeed need patching as soon as possible.""

cancel ×

438 comments

Sorry! There are no comments related to the filter you selected.

Brilliant header! (2, Funny)

brian0918 (638904) | more than 8 years ago | (#13808589)

A 1.0.7 exploit that only affects everything below 1.0.7!

Re:Brilliant header! (1, Funny)

rincebrain (776480) | more than 8 years ago | (#13808604)

Yes - in that vein, how can you patch a bug that's already patched?

Re:Brilliant header! (3, Informative)

FidelCatsro (861135) | more than 8 years ago | (#13808672)

By fixing the article summary I imagine .
The patch seems to have been in the full article since conception , but apparently it hadn't passed down the line .
these exploits are dangerous as many Slashdoters refuse to update their knowledge by reading the full article and not just the summary

Re:Brilliant header! (5, Informative)

Hey Pope Felcher . . (921019) | more than 8 years ago | (#13808615)

. . . RTFA,

milw0rm.com have released proof of concept code for a denial of service exploit which apparently affects all versions of the Mozilla Foundations popular Firefox browser from version 1.0.7 downward.

Remember, on Slashdot always read the article, it is generally only a coincidence if the summary has any bearing on the actual linked text.

Re:Brilliant header! (0, Troll)

brian0918 (638904) | more than 8 years ago | (#13808643)

I only pointed out that the header doesn't agree with the text, I never even mentioned the article.

Re:Brilliant header! (2, Informative)

LnxAddct (679316) | more than 8 years ago | (#13808736)

Regardless, this exploit doesn't effect 1.5, it's in beta but technically the explot is already fixed... just needs to be back ported:)
Regards,
Steve

Re:Brilliant header! (0)

Anonymous Coward | more than 8 years ago | (#13808742)

Moderation to moderation My people , the parent is totally redundant as a response to the GP .
The GP was merely commenting on the state of the summary , The parent is about as informative as a session with congress .

Re:Brilliant header! (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13808619)

Unleash the trolls!

OMGWTF MODPARENTUP (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13808621)

omgwtfBBQLMFARO

Re:Brilliant header! (1)

ion_nation (825447) | more than 8 years ago | (#13808629)

Is it? The article says "1.0.7 downward". Does that include 1.0.7 or not? Also, what exactly does this exploit do, anyway? Someone can use a DoS attack on my PC when it's using Firefox to shut down the connection? Or someone can hack any Firefox browser remotely to DDoS attack some site?

Re:Brilliant header! (2, Informative)

ShadowFlyP (540489) | more than 8 years ago | (#13808661)

TFA actually says that it affects 1.0.7 and everything downward. Running 1.0.7 here myself and the test exploit worked: locked Firefox right up.

Re:Brilliant header! (0)

Anonymous Coward | more than 8 years ago | (#13808782)

It does affect every version including 1.07. But it is not very exploitable since it only crashes the browser.

Re:Brilliant header! (1)

thesnarky1 (846799) | more than 8 years ago | (#13808803)

RTFA then read your comment. Kinda stupid huh? If you read it, you'd know that "down" is inclusive, as in version 1.0.7 and everything below. Or, go check the source code, its in comments there as well... In fact, if you really read the summary, it doesn't say 'just below 1.0.7' but 1.0.7 down, so even IT implies it's inclusive. I boggle over people like you *boggle*

Blame the hacker culture (-1, opposes groupthink) (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13808597)


Linux is *not* user friendly, and until it is linux will stay with >1% marketshare.

Take installation. Linux zealots are now saying "oh installing is so easy, just do apt-get install package or emerge package": Yes, because typing in "apt-get" or "emerge" makes so much more sense to new users than double-clicking an icon that says "setup".

Linux zealots are far too forgiving when judging the difficultly of Linux configuration issues and far too harsh when judging the difficulty of Windows configuration issues. Example comments:

User: "How do I get Quake 3 to run in Linux?"
Zealot: "Oh that's easy! If you have Redhat, you have to download quake_3_rh_8_i686_010203_glibc.bin, then do chmod +x on the file. Then you have to su to root, make sure you type export LD_ASSUME_KERNEL=2.2.5 but ONLY if you have that latest libc6 installed. If you don't, don't set that environment variable or the installer will dump core. Before you run the installer, make sure you have the GL drivers for X installed. Get them at [some obscure web address], chmod +x the binary, then run it, but make sure you have at least 10MB free in /tmp or the installer will dump core. After the installer is done, edit /etc/X11/XF86Config and add a section called "GL" and put "driver nv" in it. Make sure you have the latest version of X and Linux kernel 2.6 or else X will segfault when you start. OK, run the Quake 3 installer and make sure you set the proper group and setuid permissions on quake3.bin. If you want sound, look here [link to another obscure web site], which is a short HOWTO on how to get sound in Quake 3. That's all there is to it!"

User: "How do I get Quake 3 to run in Windows?"
Zealot: "Oh God, I had to install Quake 3 in Windoze for some lamer friend of mine! God, what a fucking mess! I put in the CD and it took about 3 minutes to copy everything, and then I had to reboot the fucking computer! Jesus Christ! What a retarded operating system!"

So, I guess the point I'm trying to make is that what seems easy and natural to Linux geeks is definitely not what regular people consider easy and natural. Hence, the preference towards Windows.

Re:Blame the hacker culture (-1, opposes groupthin (1)

graemecoates (592009) | more than 8 years ago | (#13808692)

And this has what to do with a vulnerability in Firefox exactly? Upon RTFA, the exploit appears to be a one-liner - is that it....?!?! (And, no, I'm not going to run it to find out thank you very much.) GC

Re:Blame the hacker culture (-1, opposes groupthin (1)

sqlrob (173498) | more than 8 years ago | (#13808728)

A DOS is, by definition, a vulnerability. Less significant than others, especially for user systems, since you quit firefox and it's fixed, no system change, no arbitrary code running.

Re:Blame the hacker culture (-1, opposes groupthin (2, Insightful)

Cerv (711134) | more than 8 years ago | (#13808721)

Linux is *not* user friendly, and until it is linux will stay with >1% marketshare.

I think you meant "less than," rather than "greater than".

totally off guard (5, Informative)

Tufriast (824996) | more than 8 years ago | (#13808600)

I checked out the Mozilla site -- not a peep about it. I made a post there. I figure this one totally right hooked them. It's a pretty massive crash. Just makes the whole browser lock up. At least I know they'll fix it fast though...I think in 24 hours we'll see a turn around. Anyone try this with version 1.5?

Re:totally off guard (5, Informative)

tbspit (460062) | more than 8 years ago | (#13808614)

Version 1.5 is not affected.

Not too big a deal (4, Insightful)

Dr. Evil (3501) | more than 8 years ago | (#13808624)

There isn't much incentive for malicious people to crash people's browsers.

The wording from the security company has me thinking they're just trying to make a name for themselves.

Re:Not too big a deal (1, Interesting)

Anonymous Coward | more than 8 years ago | (#13808682)

I came across something like this developing Javascript. It hangs the browsing for a few minutes. Though in my case Firefox eventually asked me if I want to abort the script. I thought it was just a normal side-effect of weird Javascript combined with Mozilla/Firefox's lack of multi-threading. I think I'll file a bug report in any case, but probably not as big a deal because Firefox actually recovers from it.

Re:Not too big a deal (1, Interesting)

gromitcode (888226) | more than 8 years ago | (#13808713)

if you can crash the browser it means you are probably in a buffer overflow situation or some other potentially exploitable bug, these are EXACTLY what malicious people look for. just because the proof of concept only crashes the browser doesn't make it useless for malicous people.

Re:Not too big a deal (4, Informative)

sqlrob (173498) | more than 8 years ago | (#13808761)

Look at the source. It's an unclosed tag, so it's likely an infinite loop.

Re:Not too big a deal (5, Insightful)

stevey (64018) | more than 8 years ago | (#13808763)

Not necessarily.

I reported some DOS bugs against firefox which will kill a browser by essentially saying:

  • Give me a table of 1000000 rows and 1000000 columns.

The browser dies. Probably because it attempts to either a) allocate all the system's memory and the kernel kills it, or b) at some point memory allocation fails and the program terminates.

Not all crashes are buffer overflows, or exploitable.

Re:totally off guard (1, Informative)

Anonymous Coward | more than 8 years ago | (#13808652)

while I am sure firefox team will have this fixed soon, it will not help the majority of people, The majority of users to my sites that use firefox are still 1.05 or below. heck I even see 1.0 in my stats, if users aren't updating then mozilla security is failing. yes you can all argue it is users responsibility, but lets face the majority of users are dumb. updating needs to be made easier or firefox is doomed to be just another ie.

But... (2, Informative)

supersocialist (884820) | more than 8 years ago | (#13808690)

...it shows an "update" icon, which updates when clicked. How much easier could it be without hijacking your system to do it for you?

Re:totally off guard (1)

skyshock21 (764958) | more than 8 years ago | (#13808703)

The exploit doesn't crash v. 1.5. It just brings you to a screen that says "Mozilla" on the test page.

Re:totally off guard (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13808729)

Mozilla is affected. I'm running mozilla 1.7.12 on linux and just like you said, it got totally locked up.

gnaa (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13808602)

gnaa'r'us

Thunderbird also vunerable (4, Informative)

Big Nothing (229456) | more than 8 years ago | (#13808603)

Mozilla Thunderbird 1.0.6 is also vunerable.

Re:Thunderbird also vunerable (-1, Offtopic)

nothingbutcoupons (923501) | more than 8 years ago | (#13808698)

Vunerable or Vulnerable?

1.0.7 is affected (1)

wo1verin3 (473094) | more than 8 years ago | (#13808607)

>>Whitedust Security are reporting on a new exploit for Firefox which apparently affects all version of the >>browser below 1.0.7. From the article:

contrary to how the article makes it sound, 1.0.7 is indeed affected by this.

is this NOT an OLD version (0, Troll)

DeckerDel (914516) | more than 8 years ago | (#13808608)

I'm running 1.5 as firefox states, if i'm right that version 1.0.7 is very old!
firefox is cool, stop digging up old sh*t!

Re:is this NOT an OLD version (1)

Tufriast (824996) | more than 8 years ago | (#13808628)

I'm using Debian, and the 1.0.7 build they have out is affected by this 100%. It works on any 1.0.7 build.

Re:is this NOT an OLD version (2, Informative)

pbranes (565105) | more than 8 years ago | (#13808631)

1.5 is beta, dude. 1.0.7 is the latest final release of firefox. 1.0.7 is like 1 month old.

Re:is this NOT an OLD version (1)

DeckerDel (914516) | more than 8 years ago | (#13808656)

Thank you very much for clearing that up, i'm sorry should have RTFM on firefox
Cheers thanks
Del

1.5 is beta (1)

cflorio (604840) | more than 8 years ago | (#13808632)

1.0.7 is the current stable release. 1.5 is beta.

Re:is this NOT an OLD version (1)

DeckerDel (914516) | more than 8 years ago | (#13808635)

Just a thought.
-How about starting with all the old win9x exploits.

Re:is this NOT an OLD version (1, Funny)

BushCheney08 (917605) | more than 8 years ago | (#13808651)

Hey dipshit. Wake up! This is like me saying "I'm running Vista. Why are they bothering posting information on XP exploits?"

Re:is this NOT an OLD version (1)

Directrix1 (157787) | more than 8 years ago | (#13808768)

Except you have no reason not to update something that automatically updates itself and for free.

Re:is this NOT an OLD version (1)

BushCheney08 (917605) | more than 8 years ago | (#13808810)

I guess I must've missed the part where my STABLE release of 1.0.7 (susceptible to the exploit) automatically updated itself to the BETA 1.5...

Re:is this NOT an OLD version (1)

shadowknot (853491) | more than 8 years ago | (#13808636)

No, 1.07 is the current release. 1.5 is the release candidate or "Deer Park" which is currently a pre-release. As far as I understand!

Re:is this NOT an OLD version (0)

Anonymous Coward | more than 8 years ago | (#13808642)

1.5 is beta, if you go to the ff site to down load the latest version, its gonna give you 1.0.7

Re:is this NOT an OLD version (0)

Anonymous Coward | more than 8 years ago | (#13808645)

1.5 is beta, 1.0.7 is current.. No Karma for you.

Re:is this NOT an OLD version (-1, Redundant)

tbspit (460062) | more than 8 years ago | (#13808646)

1.5 is still in beta. 1.0.7 is the current version.

Re:is this NOT an OLD version (-1, Redundant)

derphilipp (745164) | more than 8 years ago | (#13808650)

The current stable Version is 1.0.7, 1.5 is Beta - Release 2. So this bug is one stable Version old - and I installed Firefox on quite a few peoples computer and I am sure they won't update it. I am ooking forward to Version 1.5 which does update itself automatically.

Not really... (-1, Troll)

Zunni (565203) | more than 8 years ago | (#13808671)

Firefox zealot down!!!!

"I'm running the latest beta, if you don't then you deserve to have all the nasty exploits"

You make it sound like 1.0.7 is 6 months old and there have been 3-4 version updates since then.

Way to share your ignorance with everyone..

Latest Stable is 1.0.7 (1)

The MAZZTer (911996) | more than 8 years ago | (#13808696)

1.5 is a BETA version which Mozilla only recommends bleeding-edge types and extention developers use.

How come there are so many nice hackers? (5, Funny)

jkind (922585) | more than 8 years ago | (#13808609)

Why are there so many nice hackers in the world? Willing to spend their time finding exploits, post them, and even a "safe" example. Do they take pride in helping the surfing community? Why don't they just hijack the world's browsers and make us choose between "Yes" and "Okay" on their PayPal deposit sites?
Where are the evil hackers, or have they all converted, scared about stiff http://news.bbc.co.uk/1/hi/technology/4249780.stm [bbc.co.uk] penalties?

Re:How come there are so many nice hackers? (3, Interesting)

Red_Foreman (877991) | more than 8 years ago | (#13808654)

I think you're probably trolling, but:
Yes, we do take pride in our community coming together and developing a quality product free for everyone to use.

Plus, the Open Source Community is far more nimble when it comes to fixing bugs of this nature. Part of the reason is that you have more eyeballs looking at the code and two is that there's more code review and so there's less bugs and less severe bugs with most OSS projects.

Re:How come there are so many nice hackers? (1)

jkind (922585) | more than 8 years ago | (#13808689)

Sorry, not trying to troll.. Just seems there is a lot more of this "proof of exploit" type code being posted these days then say back in 1996..
Thanks for the detailed reply! I would guess the naysayers would say OSS projects are leaving themselves open to hack-attempts by scores more developers, due to the open nature.. But I guess I can see how this is counterbalanced by the more code review you refer to..

Obviously... (1, Funny)

supersocialist (884820) | more than 8 years ago | (#13808706)

...the RIAA has finally managed to lock up all malicious computer users. It's about time!

Re:How come there are so many nice hackers? (5, Insightful)

FirienFirien (857374) | more than 8 years ago | (#13808808)

Why are there so many nice hackers in the world? Because some people believe in things like morals and society? Because not everyone is corrupt? Apart from anything else there's always the chance that if someone is a 'nice' hacker then they can act as a model for others, and will get a little return on their investment of time by coming across a warning next time instead of a Yes/Okay dialog against them.

People who don't want their friends/family affected, people who actually care about the world they live in. I'm surprised that you seem to believe that everyone would be malicious if they could.

Very vague (2, Funny)

fa_pa (868784) | more than 8 years ago | (#13808617)

OMG there is an exploit for firefox but we don't know anything about it but it might be dangerous. i need to switch back to IE maybe...

Re:Very vague (1, Funny)

Agret (752467) | more than 8 years ago | (#13808648)

Dangerous? It's a DoS exploit. It causes your browser to lock up. Nothing to see here, move along.

yeah, WTF? (5, Insightful)

subtropolis (748348) | more than 8 years ago | (#13808779)

There's this exploit, see. Click here to try it. Go on, it's ok...

I think the poll at the top of the page should ask, "Do you trust WhiteDust security?"

Oh, wait - that's what the 'Test the exploit' link is for.

Nomenclature... (5, Insightful)

gowen (141411) | more than 8 years ago | (#13808618)

How long has a webpage that makes a browser crash been called a "Denial Of Service Exploit".

A browser that can be crashed is a very bad thing, but suggesting this is some sort of "Denial Of Service" attack, is just semantics. It doesn't crash the box, and it doesn't flood/break the network. Every other service on your machine runs as normal. That's not a Denial Of Service by the usual definition of the term.

Re:Nomenclature... (2, Informative)

arkanes (521690) | more than 8 years ago | (#13808649)

A Denial of Service attack denies you access to a service. It doesn't have to crash your box, or take it off the network. Anything that will hang or crash or flood a service (applications are services) is a DOS. They've been called that since before kiddies found out about pingflooding.

Re:Nomenclature... (1, Troll)

NickFortune (613926) | more than 8 years ago | (#13808774)

How long has a webpage that makes a browser crash been called a "Denial Of Service Exploit".

Oddly enough, about the same length of time as has passed since Microsoft realised their stranglehold on web browsers was slipping.

One day Redmond reformed the IE development team to try and stem the tide. The next, stories like this one started cropping up with penny-ante firefox exploits being made into front page news. Just as though crushing your browser was comparable in scale to rooting your network...

Purely co-incidental, of course...

Re:Nomenclature... (3, Informative)

m50d (797211) | more than 8 years ago | (#13808822)

A browser that can be crashed is a very bad thing, but suggesting this is some sort of "Denial Of Service" attack, is just semantics. It doesn't crash the box, and it doesn't flood/break the network. Every other service on your machine runs as normal. That's not a Denial Of Service by the usual definition of the term.

Yes it is. If you did exactly the same thing to, say, apache or proftpd or mysql - don't crash the box, don't break the network, every other service runs normal - it would be a DoS. Calling this attack a DoS provides some very important information - it doesn't allow execution of arbitrary code, just locks up the browser. The only thing that's possibly unusual here is applying the term to a client rather than a server program, but a DoS is absolutely the correct term.

Worm Code (3, Funny)

Agret (752467) | more than 8 years ago | (#13808623)

What follows is the source code made avaliable on the site.

Mozilla

# milw0rm.com [2005-10-16]

I have 1.0.7 and it caused me to crash :(

Re:Worm Code (0)

Agret (752467) | more than 8 years ago | (#13808680)

Gahh stupid post filters!!

<!--
posidron@tripbit.net

Vulnerable: Mozilla Firefox <= 1.0.7
                        Mozilla Thunderbird <= 1.0.6

-->

<html><body><strong>Mozilla<sourcetext></body></ht ml>

# milw0rm.com [2005-10-16]

So... (5, Insightful)

LiquidCoooled (634315) | more than 8 years ago | (#13808625)

This can freeze your browser.

Wheres the vulnerability? when does the spyware attack? Do I need to reinstall Windows?
Should I buy a virus checker?

Anyone stupid enough to host this "exploit" on their site are just dumb,
"oooooh it makes your firefox freeze" BFD - stay away from dodgy parts of the net

(goatse is a bigger "exploit" and generally leads to complete machine shutdown/restart as you attempt to hide it from your colleagues)

Re:So... (1)

ArsenneLupin (766289) | more than 8 years ago | (#13808711)

Anyone stupid enough to host this "exploit" on their site are just dumb,

Not on their own site of course. But just imagine some Windows luser's wet dream comes true, and he finds a hole in some high profile Apache site. Just hax0r it, and put that sploit on every page of it, and then bam!

Re:So... (1)

rtaylor (70602) | more than 8 years ago | (#13808735)

This can freeze your browser.

It's as bad as Google Maps with far too many location tags and polygons.

Re:So... (0, Funny)

Anonymous Coward | more than 8 years ago | (#13808764)

(goatse is a bigger "exploit" and generally leads to complete machine shutdown/restart as you attempt to hide it from your colleagues)

No, no, no... goatse is a bigger hole, but not a security hole...

Tested the exploit (3, Informative)

jurt1235 (834677) | more than 8 years ago | (#13808641)

And after I clicked on it, nothing happened, the browser just said: mozilla

Apparently firfox 1.0.7 on linux is not affected. So not all versions of firefox are affected.
Advisory: Install linux, then restart your browser and have fun.

Topic title is confusing (0)

dascandy (869781) | more than 8 years ago | (#13808657)

It's for all firefoxes BELOW 1.0.7. The topic title suggests the exact opposite, that it's only for 1.0.7.

Re:Topic title is confusing (2, Insightful)

skyshock21 (764958) | more than 8 years ago | (#13808743)

I think a little reading comprehension would be in order. It says version 1.0.7 AND BELOW. That means 1.0.7, 1.0.6, 1.0.5, etc...

Exploit (5, Informative)

Anonymous Coward | more than 8 years ago | (#13808659)

The exploit is:

<html><body><strong>Mozilla<sourcetext></body></ht ml>

and it also makes Mozilla suite 1.7.12 hang.

The sourcetext tag is used when a parser error occurs; the Mozilla DOMParser will accept any string and always returns a valid XML DOM object, but in the case that the string was malformed, it returns something like this:

<parsererror xmlns="http://www.w3.org/1999/xhtml">XML Parsing Error: mismatched tag. Expected: </strong>. Location: file:///1253.html Line Number 3, Column 37:<sourcetext> (text here) </sourcetext></parsererror>

which you may have seen formatted before in a nice red-on-yellow page.

OMG, this is bad! (4, Insightful)

ArsenneLupin (766289) | more than 8 years ago | (#13808660)

Almost as bad (and scaringly simple) as the <form><input type crash></form> sploit for Internet Exploder.

I guess I'll just stick with Konqueror.

PoC Code *is* in the wild (4, Informative)

OverlordQ (264228) | more than 8 years ago | (#13808663)

Despite the article summary if you click through and read it you'd find that there is code out there.

Danger Will Robinson test your firefox [thedarkcitadel.com] Danger Will Robinson

Re:PoC Code *is* in the wild (1)

The MAZZTer (911996) | more than 8 years ago | (#13808738)

And here is the "exploit" in crunchy data: url form if you don't want to wait for slashdotted servers: data:text/html;base64,PGh0bWw+PGJvZHk+PHN0cm9uZz5N b3ppbGxhPHNvdXJjZXRleHQ+PC9ib2R5PjwvaHRtbD4=

Nothing happens on Beta 2 (1)

sheepoo (814409) | more than 8 years ago | (#13808673)

Simply shows the word Mozilla when the test web site is loaded in Beta 2. I guess they have already taken care of it in the Beta release

How come... (1, Troll)

CDPatten (907182) | more than 8 years ago | (#13808677)

whenever there is a firefox exploit, /. is understanding, and people say things like "well no software is perfect... its rare and hard to do, not really an explot... ". When there is an IE exploit its, "MS Sucks, IE Sucks, and if you use IE your computer is going to blow up, not to mention global warming will continue"...

I exaggerated a bit there, but you know what I'm saying. Why not offer equal critiques, and understanding, for any product regardless. I have a few macs for web testing but don't really like them, but it doesn't stop me from saying that there are some things that apple does a damm good job with. IE isn't a horrible web browser, it may not be as cutting edge with functionality today as firefox, but it isn't all bad. And before you scream standards, only do it if you include safari, and all the other browsers that have "standards" problems.

Re:How come... (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#13808715)

Because you're a giant shithole. How's that for an explanation, you fucking generalizing prick?

Re:How come... (2, Funny)

ArsenneLupin (766289) | more than 8 years ago | (#13808759)

not to mention global warming will continue"...

You got it all wrong. That particular problem has more to do with Athlon processors than with Internet Exploder.

Re:How come... (1)

nothingbutcoupons (923501) | more than 8 years ago | (#13808767)

How many people actually use all the "cutting edge" features on their browsers? All I do is type in a URL and go to it, hitting CTRL-D at some point if I wanna bookmark the site in IE. Do we really need anything more than just a viewing window and an address bar? Besides, the more features we have seemingly takes away much more of our viewing capacity.

Re:How come... (2, Insightful)

smooth wombat (796938) | more than 8 years ago | (#13808783)

The difference between FF having an issue and IE having an issue is that when FF has an issue it only affects the browser itself. When IE has an issue it can cause issues with your entire operating system because the browser (an application) has been retro-welded into the OS.

Also, FF is being developed by people who aren't getting paid (well, most aren't) for their service compared to Microsoft, a multi-billion dollar corporation which has had 10 years to try and get the bugs out of their product.

Re:How come... (1)

Fallus Shempus (793462) | more than 8 years ago | (#13808789)

[screams]ACTIVE X![/screams]

This is just stupid... (0)

CTho9305 (264265) | more than 8 years ago | (#13808684)

Any of the dozens of known crash bugs in the public bugzilla database can be used to DoS Firefox. One more way to crash is hardly newsworthy. If it only affects pre-1.0.7 versions, it's been patched anyway!

Re:This is just stupid... (0)

Anonymous Coward | more than 8 years ago | (#13808751)

If you read TFA it actually affects 1.0.7 as well.

Re:This is just stupid... (1)

skyshock21 (764958) | more than 8 years ago | (#13808781)

No. It *DOES* affect 1.0.7. It's been patched in the 1.5 Beta release.

Hmm... indeed. (0)

Anonymous Coward | more than 8 years ago | (#13808705)

Indeed is indeed used far too many times in the headline... indeed.

Browser crashing, pfff. (1)

unknown51a (741797) | more than 8 years ago | (#13808708)

So this makes your browser crash, obviously they have never been treated to an infinite loop of javascript alerts on MSIE.
My friends hated me for doing that to them... It was worth it.

Anyway, my browser can crash up to 3 times a day from some dodgy javascript. Ever tried coding an AJAX shoutbox using the .innerHTML property? Thats a can of worms, Safari crashed so often while I was doing that code.

here is the DOS code (0)

Anonymous Coward | more than 8 years ago | (#13808712)

to DOS a browser is suprisingly simple

<script>
setInterval("alert('DOS')",100 );
</script>

cross platform, crossbrowser exploit, affects all javascript based web browsers

workarounds:
disable javascript

Whoop-d-doo (0, Troll)

Snowhare (263311) | more than 8 years ago | (#13808718)

Firefox on Linux randomly crashes during normal web browsing at least a half dozen times per day anyway. What is so significant about another way to make Firefox chew CPU? There are LOTS of ways to do that.

Mozilla too.. (2, Interesting)

Dynamoo (527749) | more than 8 years ago | (#13808724)

It also locks up Mozila 1.7.8, so I guess it will also do the same to Netscape 8 if using the Firefox renderer.

There's not much to it though:

<!--
posidron@tripbit.net

Vulnerable: Mozilla Firefox <= 1.0.7
Mozilla Thunderbird <= 1.0.6
-->

<html><body><strong>Mozilla<sourcetext></body></ht ml>

Ah well, not much harm done. Of course, there's nothing to stop Microsoft putting it into MSN deliberately to break the browser, in much the same way they tried to nobble Opera [slashdot.org] some months back.

Who cares? (5, Informative)

brunes69 (86786) | more than 8 years ago | (#13808726)

So clicking on a link can lock up the browser. So what?

How is this any different from this, which effectively locks up *all* current browsers?

<script>
while(true){
alert('Haha!');
}
<script>

This is hardly important. I don't see any way this can crash my machine or infect me with a trojan.

PS if you want a fix for the above vote for bug 61098] at bugzilla [mozilla.org] .

Re:Who cares? (0)

Anonymous Coward | more than 8 years ago | (#13808805)

That does not lock up Opera (try it) - I can simply close the tab in question without affecting anything else.

Re:Who cares? (0)

Anonymous Coward | more than 8 years ago | (#13808819)

Thanks for suggesting this. Hopefully the next time a story with an insecure IIS link comes us the trolls will use this rather than the gross picture that everybody has seen at least a hundred times already...

$10 says they'll fix this (0, Troll)

taxevader (612422) | more than 8 years ago | (#13808756)

within a week.

I wonder how long it would take Microsoft if this happened to them. What? Theres already dozens of known exploits for the worlds #1 browser, and the multi billion dollar company behind it doesnt do anything about it?

Impossible.

Re:$10 says they'll fix this (1)

iambarry (134796) | more than 8 years ago | (#13808825)

OK, I'll take you up on that offer.

If, in the unlikely event that they don't patch this very scary DoS exploit within a week, you can send me $10.

Thanks,

--Barry

Here is the exploit (the text of the html) (5, Interesting)

putko (753330) | more than 8 years ago | (#13808766)

Here's the exploit:
<html><body><strong>Mozilla<sourcetext></body></ht ml>
Note: that last thing really is "html", but I think slashcode rewrites it.

Any ideas as to what is going wrong?

Change The Title Already ! (-1, Flamebait)

fredrickleo (711335) | more than 8 years ago | (#13808773)

You would think Slashdot, as a bastion of open source software enthusiasts, would do something about the title of this article! This is neither Denial Of Service or an Exploit unless there is something I missed and it's possible to insert some code into the html for local execution. But there it is in big letters on the front page. :(

FUD, Proof of concept (1)

Zoko Siman (585929) | more than 8 years ago | (#13808790)

Great example of more FUD for the fire (no pun intended). Why just post a bug report to the bug list like everyone else when you can make a 'proof of concept' bug, post it on slashdot and increase visitors to your site? No no, we can't go the normal route, that wouldn't make IE look better. All a proof of concept virus does is make all the new people want to flock back to IE

Face it people, Bugs like this are reported and fixed all the time. [mozilla.org] Just because another person decided to post about their 'proof of concept' on slashdot doesn't mean the world is coming to an end

A browser DoS? (4, Funny)

courtarro (786894) | more than 8 years ago | (#13808807)

It's hardly news to be able to DoS a browser. I DoS both FF and IE regularly while working on DHTML scripts, often when I use a debugging "alert" in the wrong place. Try this one and see how much farther you get during your morning browsing:

<html>
<body onmousemove="while(1) alert('ooooh');">
&nbsp;
</body>
</html>

Watch out before you run it! You wouldn't want to lose that Xanga post you've been working on.

Secunia says "Not Critical" (2, Informative)

Mini-Geek (915324) | more than 8 years ago | (#13808814)

assuming the Secunia Advisory [secunia.com] is referring to the same vulnerability linked to in the /. article, its Critical level is the lowest, Not Critical
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?