a safari bug (is it all it's cracked up to be?)
"The problem is triggered by opening a simple web page consisting of only three lines of HTML. The flaw was reported to the Full-Disclosure mailing list by Yannick von Arx, who said clicking on such a link 'causes the operating system to [display the] Spinning Rainbow Cursor Of Death (SRCOD)'."
http://www.itweek.co.uk/itweek/news/...t-browser-flaw
Can't you just force quit Safari and everything will be alright? If Safari has a spinning beach ball, none of the other apps should, right?
Comments
Originally posted by speed_the_collapse
....
Can't you just force quit Safari and everything will be alright? If Safari has a spinning beach ball, none of the other apps should, right?
This has always been my experience. Just click on some other area of the screen or press [apple]+[option]+[esc] to bring up the Force Quit dialog box. Before declaring this the end of Apple as we know it, it would be interesting to know if this vulnerability is a Safari problem or an HTML problem.
Originally posted by Mr. Me
This has always been my experience. Just click on some other area of the screen or press [apple]+[option]+[esc] to bring up the Force Quit dialog box. Before declaring this the end of Apple as we know it, it would be interesting to know if this vulnerability is a Safari problem or an HTML problem.
The real question is if this is truly a vulnerability or is this a HTML problem or rendering issue. I am updating my version of WebKit right now, just to see if this is really a rendering issue, or is it a vulnerability.
I doubt that it is a vulnerability though.
I will post my findings on here.
Link to Webkit: http://webkit.opendarwin.org/
Edited to add link to WebKit
Originally posted by Mike Eggleston
The real question is if this is truly a vulnerability or is this a HTML problem or rendering issue. I am updating my version of WebKit right now, just to see if this is really a rendering issue, or is it a vulnerability.
I doubt that it is a vulnerability though.
I will post my findings on here.
After grabbing the nightly build of WebKit, I can safely say that this is no longer an issue. Once Apple snags a version of the new WebKit, this "vulnerability" will go away.
For all of you who are curious, here is the supposed "vulnerability":
<HTML>
<TABLE>
<TR><TD ROWSPAN=2000000000>
The person was very gracious to put a link to show the vulnerability. Here is the link:
http://www.yanux.ch/exploits/safari/example.html
erms.. BE WARNED.
Call me stupid for running the link but here are my results:
1. Firefox didn't skip a beat.
2. Safari caused my machine its first ever system wide "freeze." Mouse moved but everything else was frozen. Had to do a hard reset a minute or so later. (2.0 MBP)
Originally posted by LGnome
erms.. BE WARNED.
Call me stupid for running the link but here are my results:
1. Firefox didn't skip a beat.
2. Safari caused my machine its first ever system wide "freeze." Mouse moved but everything else was frozen. Had to do a hard reset a minute or so later. (2.0 MBP)
Funny, nearly the same here. Fortunately I could force quit Safari to avoid a restart. Bad, bad, bad.
The SRCOD is the OS X icon used to show that the operating system is busy. It is extremely difficult to regain control of the system while it is visible.
In his email to full-disclosure, Von Arx suggests the easiest ways to regain control are to unplug the computer or wait several minutes until Safari crashes.
First, the Force quit, either from the Dock or the Apple menu, or the key sequence, solves this almost instantly. Second, why would you unplug the computer when you can simply hold down the power button to force a hard reboot (which really isn't necessary)?
But more importantly, can anyone here give a rational explanation as to how this is a 'vulnerability'???? as opposed to a simple bug. It seems that the security industry is (or has already) evolving into a mob type protection racket with all sorts of fear mongering. I always thought a DOS was something that was initiated from outside, not a user action, and tied up the network bandwidth. This is nothing more than the equivalent of an open for loop. Kill the process and get on with it. (And OSX gives you plenty of simple ways to kill the process)
Originally posted by physguy
But more importantly, can anyone here give a rational explanation as to how this is a 'vulnerability'???? as opposed to a simple bug. It seems that the security industry is (or has already) evolving into a mob type protection racket with all sorts of fear mongering. I always thought a DOS was something that was initiated from outside, not a user action, and tied up the network bandwidth. This is nothing more than the equivalent of an open for loop. Kill the process and get on with it. (And OSX gives you plenty of simple ways to kill the process)
Maybe they define DOS to mean a method in which you can be denied access to a webserver. I think DOS attacks usually take down the server by say pinging them to death or whatever so users can't access the sites.
Still, it is just a bug and it seems to already be fixed in webkit. Apple just needs to issue an update.
I agree there seems to be a lot of people trying to make Mac users more afraid and hyping up security threats. It's a pain in the ass but what can you do?
Originally posted by physguy
But more importantly, can anyone here give a rational explanation as to how this is a 'vulnerability'???? as opposed to a simple bug. It seems that the security industry is (or has already) evolving into a mob type protection racket with all sorts of fear mongering. I always thought a DOS was something that was initiated from outside, not a user action, and tied up the network bandwidth. This is nothing more than the equivalent of an open for loop. Kill the process and get on with it. (And OSX gives you plenty of simple ways to kill the process)
That is the whole point right there. This is not a vulnerability. This is a simple bug. It is a bug that was squashed with the most recent WebKit Nightly build. This will (more than likely) go away with the next Safari update.
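An added example, not part of the thread and not WebKit's code: the markup quoted above relies on a very large ROWSPAN value, and a parser avoids this class of hang by bounding span attributes before layout. The sketch below clamps to the limits in the current HTML Standard (65534 for rowspan, 1000 for colspan) and flags markup that exceeds them; the function names are hypothetical, and the thread does not say how the WebKit nightly actually fixed the bug.

```javascript
// Limits from the HTML Standard's table model.
const MAX_ROWSPAN = 65534;
const MAX_COLSPAN = 1000;

// HTML "rules for parsing non-negative integers": leading whitespace,
// optional sign, then the leading run of ASCII digits. null = parse error.
function parseNonNegativeInteger(raw) {
  const m = /^[ \t\n\f\r]*([+-]?)([0-9]+)/.exec(String(raw));
  if (!m) return null;
  const n = Number(m[2]); // may be Infinity for absurdly long digit runs
  return m[1] === "-" && n !== 0 ? null : n;
}

// Value a table layout should actually use for the attribute.
function effectiveSpan(name, raw) {
  const n = parseNonNegativeInteger(raw);
  if (name === "colspan") {
    return n === null || n === 0 ? 1 : Math.min(n, MAX_COLSPAN);
  }
  // rowspan: parse error -> 1; 0 stays 0 (span to end of row group).
  return n === null ? 1 : Math.min(n, MAX_ROWSPAN);
}

// Heuristic regex scan (not a full HTML parser) that reports span attributes
// whose declared value exceeds the limit, e.g. for a content filter or triage.
function findOversizedSpans(html) {
  const re = /\b(rowspan|colspan)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const findings = [];
  for (const m of html.matchAll(re)) {
    const name = m[1].toLowerCase();
    const raw = m[2] ?? m[3] ?? m[4];
    const declared = parseNonNegativeInteger(raw);
    const effective = effectiveSpan(name, raw);
    if (declared !== null && declared > effective) {
      findings.push({ name, declared, effective });
    }
  }
  return findings;
}

// Constructed sample: the markup quoted in the thread plus a benign table.
const sample = "<HTML>\n<TABLE>\n<TR><TD ROWSPAN=2000000000>\n" +
  "<table><tr><td rowspan=\"2\" colspan='3'>ok</td></tr></table>";
console.log(findOversizedSpans(sample));
```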