Full Disclosure mailing list archives

Re: n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table

From: Jan Schejbal <jan.mailinglisten () googlemail com>
Date: Thu, 29 Dec 2011 21:02:46 +0100

Am 2011-12-29 19:59, schrieb sd:

PHP-suhosin killed this issue long time ago.


In hash tables in general or just in POST request parsing? Remember,
anything that uses associative arrays, e.g. JSON parsers, might also be
used to pwn the server.

Kind regards,
Jan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table security (Dec 28)
- Re: n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table sd (Dec 29)
  - Re: n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table adam (Dec 29)
    - Re: n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table coderman (Dec 29)
  - Re: n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table Jan Schejbal (Dec 29)