Home page logo

oss-sec logo oss-sec mailing list archives

libxml2: hash table collisions CPU usage DoS
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 22 Feb 2012 11:14:36 +0530

Juraj Somorovsky reported that certain XML parsers/servers are affected by the same, or similar, flaw as the hash table collisions CPU usage denial of service. Sending a specially crafted message to an XML service can result in longer processing time, which could lead to a denial of service. It is reported that this attack on XML can be applied on different XML nodes (such as entities, element attributes, namespaces, various elements in the XML security, etc.).



This has been assigned CVE-2012-0841

Huzaifa Sidhpurwala / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
  • libxml2: hash table collisions CPU usage DoS Huzaifa Sidhpurwala (Feb 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]