Denial of Service using Partial GET Request in Mozilla Firefox 3.06

February 12, 2009 – 11:16 AM

The Partial GET Request (HTTP 206 Status Code) of a WAV file results in a Denial of Service of the application.

Last HTTP packet from Firefox before the DoS is listed below in RAW format:

GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: NSPlayer/11.0.6001.7001 WMFSDK/11.0
UA-CPU: x86
Accept-Encoding: gzip, deflate
Range: bytes=34848-
Unless-Modified-Since: Mon, 09 Jul 2007 12:44:57 GMT
If-Range: “4f0018-440f2-434d403204440”
Host: www.footprints-inthe-sand.com
Connection: Keep-Alive

The OK GET Request (HTTP 200 Status Code) of the WAV file is
listed below in RAW format:
GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: Windows-Media-Player/10.00.00.3802
UA-CPU: x86
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.footprints-inthe-sand.com

Proof of Concept:
http://www.footprints-inthe-sand.com/index.php?page=Poem/Poem.php

Source:
http://www.securityfocus.com/archive/1/500915

You must be logged in to post a comment.

Denial of Service using Partial GET Request in Mozilla Firefox 3.06

Search PC Sympathy

Site Links

Denial of Service using Partial GET Request in Mozilla Firefox 3.06

Related Posts

Search PC Sympathy

Site Links