[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Lynx/MSIE denial-of-service

From: Alan Cox
Subject: Re: LYNX-DEV Lynx/MSIE denial-of-service
Date: Tue, 11 Mar 1997 09:07:01 +0000 (GMT)

> though viewing a file of infinite length. This has caused a modem
> connection to drop using MSIE, and slowed a Linux system using lynx to a
> crawl due to exhaustion of memory. Both processes were aborted before any
> further damage was caused.

There are a pile of others

<IMG src="telnet://localhost:19/"> and the like as well as direct tty
access bugs <A href="file:/dev/tty">Click here to lock up lynx</A>

> The CHARGEN service has other security implications and should be turned
> off in normal system operation.


Lynx ought to have a sanity limit on page sizes and also on opening device

; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]