Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2013-February/124225.html below:

[Python-Dev] XML DoS vulnerabilities and exploits in Python

• Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
• Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 21 Feb 2013 02:29:08 -0500
Tres Seaver <tseaver at palladion.com> wrote:
> 
> Antoine,
> 
> A single, small,, malicious XML file can kill a machine (not just the
> process parsing it) by sucking all available RAM.  We are talking hard
> lockup, reboot-to-fix-it sorts of DOC here.

Sure, but in many instances, rebooting a machine is not
business-threatening. You will have a couple of minutes' downtime and
that's all. Which is why the attack must be repeated many times to be a
major annoyance.

Regards

Antoine.

• Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
• Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4