> -----Original Message----- > From: Bipin Gautam [mailto:visitbipin@hotmail.com] > Sent: Friday, April 09, 2004 8:07 AM > To: bugtraq@securityfocus.com > Subject: Browser bugs [DoS] ... where will you draw a line? > > > > Browser bugs [DoS] ... where will you draw a line? > > > > Shouldn't developers [of Browsers] draw a line... between a > DoS bug and a "can be troublesome" feature in their > web-browsern and put necessary measures in their code to > protect form such nasty codes. These days... I've been > seeing lot of stupid IE/Mozilla DoS exploits. They do get > patched. Should we need another "Bloodhound" technology in > brouser as well for such but...... it's strange to see > neither neither a antivirus softwares nor IE / MOZILLA are > putting necessary efforts in their code to prevent such > hostile scripts.....? > > I think that is presumptive. They put a lot of work into their browsers. But, unlike most other applications you are talking about a massive application here which is designed to perform many major tasks which include being it's own language parser for several languages. DoS attacks are not a priority. This can be almost anything. They don't run code. And, quite frankly, at least in IE, most DoS attacks are now handled pretty well. You can actually just close the browser. Further, it is not nearly so easy to get such attacks to work anymore because you are so much more limited in how you can attack. It used to be you could just send a newspost or email on any html post and get everyone. <snip> > -------------------------------------- > > I guess this bug has patch... > > -------------------------------------- > > <object id='wsh' > classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B'></object> > > <script> > > wsh.Run("cmd.exe /k echo ...today is your lucky day!"); > > </script> > > -------------------------------------- Running wsh within the browser does not work in internet zone. The vulnerabilities that run code are very difficult to find. They may look easy as a finished product, but a great deal of grueling work goes into them. Running wsh within the browser if the file is on your desktop works, if you click "Okay" to the security warning. Web browsers are an essential technology. If you don't think they should be able to run games or perform powerful tasks then just turn off their ability to do so. Personally, even as someone that has found multiple full compromise vulnerabilities in IE, I like the power of it. It is cool to be able to have applications within a webpage. I like that mozilla added IRC to their browser. I can only hope they add more features. More features do mean more bugs. I will fault Microsoft on their time to fix bugs. I have serious problems with that. I don't blame the everyday person there, but I see that as a larger, management incompetence issue. <snip> > > > > the solution shouldn't be to disable scripting...... etc! Agreed there. And Microsoft has gone with this "solution" on w2k3. But, dealing with language parsers is very difficult. You can do almost anything in several different languages. There is so much to check. The same kind of issues remain for trying to firewall out SQL attacks or Javascript attacks. There are so many different ways to "say" the same thing. These are languages. > > > > so ?????? > > > > ./hUNT3R > > ------------------------------------- > > http://www.geocities.com/visitbipin > > http://www.01security.com > >
