Apple Safari HTTPS Remote DoS

2005-04-28T03:38:22
ID OSVDB:16006
Type osvdb
Reporter Gilbert Verdian(gverdian@neoresearch.org)
Modified 2005-04-28T03:38:22

Description

Vulnerability Description

Safari contains a flaw that may allow a remote denial of service. Debugging indicates no buffers have overflowed, and that a NULL pointer may be the cause of the DoS. The issue is triggered when issuing a specially crafted HTTPS request containing an overly long string, which causes the browser to crash resulting in a loss of availability.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Safari contains a flaw that may allow a remote denial of service. Debugging indicates no buffers have overflowed, and that a NULL pointer may be the cause of the DoS. The issue is triggered when issuing a specially crafted HTTPS request containing an overly long string, which causes the browser to crash resulting in a loss of availability.

Manual Testing Notes

https:// AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

References:

Vendor URL: http://www.apple.com/ Security Tracker: 1013835 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0500.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0510.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0511.html CVE-2005-1385