From owner-freebsd-security Tue May 18 1:55: 3 1999
Delivered-To: freebsd-security@freebsd.org
Received: from sentry.granch.ru (sentry.granch.ru [212.20.5.135]) by hub.freebsd.org (Postfix) with ESMTP id 15F5415593 for ; Tue, 18 May 1999 01:54:41 -0700 (PDT) (envelope-from shelton@granch.ru)
Received: from granch.ru (1001@localhost.granch.ru [127.0.0.1]) by sentry.granch.ru (8.8.8/8.8.7) with ESMTP id PAA00316; Tue, 18 May 1999 15:53:44 +0700 (NSS) (envelope-from shelton@granch.ru)
Message-ID: <37412A96.99E83C0E@granch.ru>
Date: Tue, 18 May 1999 15:53:42 +0700
From: "Rashid N. Achilov"
Organization: Granch Ltd.
X-Mailer: Mozilla 4.51 [en] (X11; I; FreeBSD 2.2.8-RELEASE i386)
X-Accept-Language: ru, en
MIME-Version: 1.0
To: Roger Marquis
Cc: security@FreeBSD.ORG
Subject: Re: HTML DOS? (http://microsoft.com/NTServer/all/Downloads.asp)
References:
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Roger Marquis wrote:
>
> Has anyone attempted to browse:
>
>   http://microsoft.com/NTServer/all/Downloads.asp
>
> using Netscape Navigator and noticed what seems to be an HTML denial of
> service? I've tested this page with Javascript on and off, Java on and
> off, cookies on and off, stylesheets off, under FreeBSD, Linux and
> Solaris and the behavior is consistent:
>
>   * Navigator freezes for several seconds
>   * CPU utilization climbs briefly to near 100%
>   * memory usage climbs by 11MB
>   * the 11MB of memory are not released even after leaving
>     the page and clearing disk and RAM caches.
>
>

After 7 minutes of loading, Netscape breaks with a core dump :-( CPU
utilization slowly goes up to 80%, next it goes into a swap-reading state,
CPU utilization goes down, and Netscape goes down with a core dump :-(...
FreeBSD 2.2.8, 32Mb RAM, Java on, JScript on, cookies on. Netscape
Communicator 4.51 English.

--
With Best Regards.
Rashid N. Achilov (RNA1-RIPE), Granch Ltd. lead engineer
e-mail: achilov@granch.ru, tel (383-2) 24-2363

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message