395737 - Browser crash upon visiting website

Status: RESOLVED DUPLICATE of bug 349392

(Firefox :: Security, defect)

Description

[S]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
Build Identifier: Mozilla/5.0 (X11; U; Linux -686; en-US; rv:1.8.1.5) Gecko/20061201 Firefox/2.0.0.5 (Ubuntu-feisty)

I discovered this while looking through Google's phishing blacklist page. The URL will redirect your browser and crash the browser and perhaps the operating system.

Reproducible: Always

Steps to Reproduce:
1. Go to URL
2. Wait a minute for things to load and stuff.
Actual Results:  
First off, please do not visit this website unless you are prepared for what is to come: The page will redirect you to a website (http://lastmeasure.freehostia.com/), which seems to display a random gross image, and then try to connect you to an irc channel (using, in one instance, chatzilla). On one of my computers (emulated!) running Iceweasel it completely freezes the XFCE gui. On my Ubuntu computer, it basically froze Firefox (turned white). I think there is also a flash animation to go along with it, or sound effects, but it doesn't seem to work. I imagine on Windows it may load an exploit...? (I haven't tried.)

Expected Results:  
Not freeze. Perhaps stop the page from loading once it recognizes what it is (once it recognizes the attempted exploit) and warn the user.

N/A. Try it yourself. Emulate Windows or Linux to be case.

Comment 1

[Martijn Wargers (dead)]

Both of the pages you gave seem to be the same, afaict:
view-source:http://208.53.183.66/~luk0r/process.php
view-source:http://lastmeasure.freehostia.com/
I haven't looked at the pages yet, because I suspect it will open endles windows and make my computer unusable for a while.
So this is a dos attack, I think.