No content since 2004
Feel free to donate
Chris @ MyITforum
Subscribe in a reader
Subscribe to Chris Mosby at myITforum.com by Email
Hash collisions vulnerability in web serversPublished: 2011-12-28,Last Updated: 2011-12-28 16:34:27 UTCby Daniel Wesemann (Version: 1)Rate this diary:0 comment(s) A new vulnerability advisory by security firm n-runs [1] describes how hash tables in PHP5,Java,ASP.NET and others can be attacked with deliberate collisions in the hash function, leading to a denial of service (DoS) on the web server in question. Microsoft have already responded with an advisory [2] of their own, other vendors are likely to follow.[1] http://www.nruns.com/_downloads/advisory28122011.pdf[2] http://technet.microsoft.com/en-us/security/advisory/2659883Keywords: DoS vulnerability webattacks webserver
No Comments