



> Full advisory here,
> 
>   http://makeashorterlink.com/?Y42112AC2
> 
>   Multiple vendors XML parser (and SOAP/WebServices server)
>   Denial of Service attack using DTD


This was discussed here a few weeks ago.
This DOS attack is possible with any conforming XML parser,
so it is not an issue of the particular implementations mentioned,
but rather a "feature" of XML itself.

Also, the SOAP specs make it a point to *not* allow
a document type declaration within a SOAP message, so conforming
SOAP implementations should not be susceptible to such an attack.

A "fix" would not necessarily involve XML parser implementations,
although we - the Expat team - have discussed adding some features
to make it easier to detect such a "malicious" DTD.

This advisory also does not mention the responses received
from the Expat team.

Looks as if Sanctum inc. http://www.sanctuminc.com/ just issued this
advisory to justify their existence.

Karl
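The SOAP rule Karl points to (no document type declaration inside a SOAP message) can be enforced at the parser boundary. The following is an added example, not code from the post or from the Expat project: it uses Python's standard-library binding to Expat (`xml.parsers.expat`) to abort parsing the moment a DOCTYPE appears, before any DTD content or entity is read. The two sample envelopes are constructed for illustration.

```python
import xml.parsers.expat as expat


class DoctypeNotAllowed(ValueError):
    """Raised when a message carries a DOCTYPE, which SOAP forbids."""


def parse_soap_envelope(data: bytes):
    """Parse a SOAP message with Expat, refusing any document type declaration.

    Returns the list of (element name, nesting depth) pairs encountered, or
    raises DoctypeNotAllowed as soon as Expat reports the start of a DOCTYPE.
    """
    parser = expat.ParserCreate()
    seen = []
    depth = 0

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Expat calls this before it reads the internal subset, so no entity
        # is ever declared or expanded; the exception propagates out of Parse().
        raise DoctypeNotAllowed(f"DOCTYPE {name!r} is not permitted in a SOAP message")

    def on_start(name, attrs):
        nonlocal depth
        depth += 1
        seen.append((name, depth))

    def on_end(name):
        nonlocal depth
        depth -= 1

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    parser.Parse(data, True)  # True: this is the final (and only) chunk
    return seen


def rejects_doctype(data: bytes) -> bool:
    """True if the message is refused because it contains a DOCTYPE."""
    try:
        parse_soap_envelope(data)
    except DoctypeNotAllowed:
        return True
    return False


# Constructed sample messages (hypothetical Ping operation, not from the post).
GOOD_MESSAGE = (b'<?xml version="1.0"?>'
                b'<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
                b'<soap:Body><Ping/></soap:Body></soap:Envelope>')
BAD_MESSAGE = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE soap:Envelope [ <!ENTITY hi "hello"> ]>'
               b'<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
               b'<soap:Body><Ping>&hi;</Ping></soap:Body></soap:Envelope>')
```

Because the handler fires at the start of the declaration, the server never spends memory or CPU on the DTD's contents, which is what makes this check cheap enough to run on every incoming message.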


