
Firefox Denial of Service (KEYGEN) Exploit


Post  andry Fri Oct 22, 2010 3:34 am

Affected products:
- Firefox 3.0.10 (Windows)
- probably all versions that support the keygen tag.


This bug is a simple design bug that results in an endless loop (and interesting memory leaks). Once upon a time, Netscape thought it would be a great idea to add the keygen tag (KEYGEN) as a feature to their browser. The keygen tag offers a simple way of automatically generating key material using various algorithms. For instance, it is possible to generate RSA, DSA and EC key material.

"The public key and challenge string are DER encoded as PublicKeyAndChallenge and then digitally signed with the private key to produce a SignedPublicKeyAndChallenge. The SignedPublicKeyAndChallenge is base64 encoded, and the ASCII data is finally submitted to the server as the value of a name-value pair, where the name is specified by the NAME attribute of the KEYGEN tag."

Live to POC
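The submission format quoted above, as an added example that is not part of the original post: a server-side Python sketch that splits a base64 SignedPublicKeyAndChallenge value into its fields and checks the challenge against the one the server issued. The field layout follows the quoted description; the function names, the size cap and the sample (placeholder key and signature bytes) are assumptions, and the signature itself is not verified here.

```python
import base64

def read_tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def parse_spkac(b64_value, max_chars=8192):
    """Split a submitted SPKAC into its fields. Does NOT verify the signature."""
    if len(b64_value) > max_chars:  # assumed cap: bound work on untrusted input
        raise ValueError("SPKAC field too large")
    der = base64.b64decode(b64_value, validate=True)  # raises ValueError subclass
    tag, body, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected one outer SEQUENCE")
    t1, pkac, pos = read_tlv(body)        # PublicKeyAndChallenge
    t2, _alg, pos = read_tlv(body, pos)   # signatureAlgorithm
    t3, sig, pos = read_tlv(body, pos)    # signature (BIT STRING)
    t4, spki, p = read_tlv(pkac)          # public key (SubjectPublicKeyInfo)
    t5, chal, p = read_tlv(pkac, p)       # challenge (IA5String)
    if (t1, t2, t3, t4, t5) != (0x30, 0x30, 0x03, 0x30, 0x16) or pos != len(body) or p != len(pkac):
        raise ValueError("unexpected SPKAC structure")
    return {"spki": spki, "challenge": chal.decode("ascii"), "signature": sig[1:]}

def challenge_ok(b64_value, issued):
    """True only if the value parses and carries the challenge the server issued."""
    try:
        return parse_spkac(b64_value)["challenge"] == issued
    except ValueError:
        return False

def _der(tag, value):  # minimal encoder for the constructed sample (lengths < 256)
    head = [len(value)] if len(value) < 0x80 else [0x81, len(value)]
    return bytes([tag] + head) + value
# Constructed sample: placeholder key and signature bytes, not real key material.
_PKAC = _der(0x30, _der(0x30, b"\x00" * 16) + _der(0x16, b"nonce-1234"))
_ALG = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d010104")) + _der(0x05, b""))
SAMPLE = base64.b64encode(_der(0x30, _PKAC + _ALG + _der(0x03, b"\x00" + b"\xaa" * 128))).decode()
```

A real handler would go on to verify the signature over the encoded PublicKeyAndChallenge with the submitted public key before trusting any field.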
