Hello participants of Mailing List.

I'll tell you how Apple fixed my 2008 hole in their browser after 9 years. They did it in a very lame manner.

There are many vulnerabilities in Safari (mobile and desktop), such as DoS and XSS vulnerabilities. During 2016-2017 I wrote to Apple that I had found these holes in Safari for iOS 6.x, 8.x and 10.x. In particular, I wrote about a lot of DoS by blocking, resource consumption, freezing and crashing.

As I wrote to Apple on 06.06.2017, on 04.06.2017 I checked the previous vulnerabilities in Safari 10.0.2 and 10.3.2 for iOS, which in January 2016 I had checked in Safari 6.0.1 and 8.4.1 for iOS. They still have not fixed those vulnerabilities. So I found that many of them that affected the 8.x version still affect the 10.x version. For example, multiple Denial of Service and Cross-Site Scripting vulnerabilities (for bypassing XSS filters).

One of these holes is blocking DoS by print dialog. I found it in 2008, as you can see in my posts, which have links to the exploits that I published in those years. This is my post from 04.06.2017 for Safari 10 for iOS (http://ift.tt/2wlZctq) with the exploit that I made and published on 17.10.2008 - I found similar holes in different browsers, such as Mozilla Firefox, Opera and Google Chrome (http://ift.tt/2wXnEoK), and called it the printing DoS attack. Here is my 2008 post to the security mailing list: DoS vulnerabilities in Mozilla, Internet Explorer, Google Chrome and Opera (http://ift.tt/2wmhb2X).

http://ift.tt/2wWxO8S

This exploit completely blocks the browser.

In October 2008 I wrote my article Classification of DoS vulnerabilities in browsers, in two languages - in Ukrainian (on 18.10.2008) and in English (on 22.10.2008, http://ift.tt/2wlRDmB). There I described all the above-mentioned variants of DoS vulnerabilities in browsers, including blocking DoS, one of which is blocking by printing dialog (in those years I made exploits for all variants of dialogs in browsers to conduct DoS attacks). And in this article I summarized it - even without mentioning Safari, I said that all browsers that support the appropriate dialog windows are vulnerable. So already 9 years ago I told all browser developers that their software is vulnerable, but all of them ignored it.

In July I read an advisory (http://ift.tt/2uKX3LB) about holes in Safari, where I found that Apple fixed DoS by printing dialog. They called it "CVE-2017-7060". This is the hole that I found in all browsers (with print functionality) already in 2008 and wrote about in the above-mentioned advisory and in my article in 2008, and told Apple about many times during 2016-2017. But they lamerly ignored it and lamerly paid attention only to the message from Travis Kelley, but not to all my posts, articles and letters for 9 years!

That advisory mentions desktop Safari, but the mobile version is just as vulnerable (I tested on Safari for iOS). So in July I suggested that Apple fix both versions. Apple answered me that this issue is different.

This is not a different issue. CVE-2017-7060 is the same issue with print dialogs that I found and created an exploit for nine years ago, since there is only one possible attack on browsers with a printing dialog: to put up an infinite print dialog window that blocks the browser. This attack and all other blocking attacks on all browsers I developed in 2008 (and some in other years). In particular, I published my attack with the printing dialog on 17.10.2008 and called it the "printing DoS attack", and I mentioned this kind of attack in my 2008 article Classification of DoS vulnerabilities in browsers.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://ift.tt/1H884q9
Source: Gmail -> IFTTT-> Blogger