[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
From: Jan Schejbal <jan.mailinglisten@xxxxxxxxxxxxxx>
Date: Thu, 29 Dec 2011 21:02:46 +0100

Am 2011-12-29 19:59, schrieb sd:
> PHP-suhosin killed this issue long time ago.

In hash tables in general or just in POST request parsing? Remember,
anything that uses associative arrays, e.g. JSON parsers, might also be
used to pwn the server.

Kind regards,
Jan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
  - From: security
- Re: [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
  - From: sd

Prev by Date: Re: [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
Next by Date: [Full-disclosure] Multiple new vulnerabilities in Register Plus Redux for WordPress
Previous by thread: Re: [Full-disclosure] n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
Next by thread: [Full-disclosure] [ MDVSA-2011:195 ] krb5-appl
Index(es):
- Date
- Thread