[转载]IE sp2 and Mozilla Firefox DoS
信息来源:seclistsThere is an issue with these browser rendering html's
with long titles.
Only Tested on:
--------------
Internet Explorer(SP2): 6.0.2900.2180
Mozilla firefox: 1.0
Not affected:
-------------
Mozilla Browser
Have a look at,
___________________
<html>
<head> <title> ....(put)3.5 MB OF data.......
</html>
___________________
For IE beyond 1 Mb will just do fine. On execution,
Mozilla Firefox starts filling up all the available
system memory with 100% CPU use.
Internet explorer renders 100% CPU use, but no system
instability. (O;
I've tested it on Windows XP SP2.
Both Firefox & IE supports decompression method 'gzip'
ie. an extended request header named
HTTP_ACCEPT_ENCODING like
HTTP_ACCEPT_ENCODING=gzip,deflate
By this way, the file can be kept around few kilobytes
in the server and delivered easily. I wonder, why
such... simple issue went un-noticed to everyone for
years...
Bipin Gautam
[url]http://www.geocities.com/visitbipin/[/url]
[url]http://www.nepsecure.tk[/url]
页:
[1]