Konqueror DoS Via JavaScript Read Of FTP Iframe

Security: Submitted by Mark on 04-Mar-07 at 07:48pm

This Konqueror crash is a spin-off finding from the FTP PASV paper.

Manipulating FTP Clients Using The PASV Command Paper

Security: Submitted by Mark on 04-Mar-07 at 07:46pm

A common implementation flaw in FTP clients allows FTP servers to cause clients to connect to other hosts. This seemly small vulnerability has some interesting consequences for web browser security.
This paper discusses how the flaw affects Firefox, Opera and Konqueror.