[Python-Dev] XML DoS vulnerabilities and exploits in Python
Antoine Pitrou
solipsis at pitrou.net
Thu Feb 21 08:42:46 CET 2013
More information about the Python-Dev mailing list
Thu Feb 21 08:42:46 CET 2013
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 21 Feb 2013 02:29:08 -0500 Tres Seaver <tseaver at palladion.com> wrote: > > Antoine, > > A single, small,, malicious XML file can kill a machine (not just the > process parsing it) by sucking all available RAM. We are talking hard > lockup, reboot-to-fix-it sorts of DOC here. Sure, but in many instances, rebooting a machine is not business-threatening. You will have a couple of minutes' downtime and that's all. Which is why the attack must be repeated many times to be a major annoyance. Regards Antoine.
- Previous message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Next message: [Python-Dev] XML DoS vulnerabilities and exploits in Python
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list