ietf-822
[Top] [All Lists]

Re: gzip-8bit

2003-02-27 16:30:57

ned+ietf-822(_at_)mrochek(_dot_)com wrote:

So there you have a nice DoS attack: send a 1M message with all "a"s
and deflate-8bit to someone you don't like and see his box grind to
a halt under the memory pressure of a 1G attachment....

Excellent point, and one that certainly needs to be mentioned in the
security considerations section. In fact this probably is something
that should be mentioned in the security considerations for the
similar content-encodings for HTTP, if it isn't already.

It's not just content-encodings, but content-types too.  For example,
I once created a 300kB PNG that represents a 300MB image.  I tried
viewing the image with mozilla on a 256MB machine, and quickly the X
server became unresponsive, and I had to ssh from another machine and
kill mozilla.  Presumably this attack would be similarly effective when
delivered as a message attachment.

MNG can do the same thing with a file on the order of 100 bytes (it
has a way to create a uniform image of any size just by specifying its
color).

AMC

<Prev in Thread] Current Thread [Next in Thread>