Full Disclosure mailing list archives
Re: Decompression Bombs
From: "Harald Geiger" <hgeiger () aerasec de>
Date: Tue, 03 Feb 2004 19:24:37 +0100
Oops, sorry. The link point to the old advisory. Correct is:
For details see our full advisory:http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.h tml
On Tue, Feb 03, 2004 at 05:34:18PM +0100, Harald Geiger wrote:
As a followup to http://lists.netsys.com/pipermail/full-disclosure/2004-January/015420.html where we pointed out vulnerabilities of some antivirus-gateways while decompressing bzip2-bombs, we were interested in the behaviourof various applications that process compressed data.It looks like not only bzip2 bombs, but also decompression bombs in general might cause problems. Compression is used in many applications, but hardly any maximum size limits are checked during the decompressionof untrusted content.We've created several bombs (bzip2, gzip, zip, mime-embedded bombs, png and gif graphics, openoffice zip bombs). With these some more applications like additional antivirus engines,various web browsers, openoffice.org, and the Gimp have been tested.As a result, much more applications as we thought crashed. The manufacturers of Software should be more careful with the processing of untrusted input.
For details see our full advisory:http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.h tml Harald Geiger
-- Harald Geiger Phone: +49-8102-895190 AERAsec Network Services and Security GmbH Fax: +49-8102-895199 Wagenberger Straße 1 D-85662 Hohenbrunn E-Mail: hgeiger () aerasec de Germany Internet: http://www.aerasec.dePGP/GPG: http://www.aerasec.de/wir/publickeys/HaraldGeiger.asc
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Decompression Bombs Harald Geiger (Feb 03)
- Message not available
- Re: Decompression Bombs Harald Geiger (Feb 03)
- Message not available