Bugtraq mailing list archives
Re: Decompression Bombs [...missed something]
From: Bipin Gautam. <door_hunt3r () blackcodemail com>
Date: 6 Feb 2004 17:55:44 -0000
In-Reply-To: <401FD489.8070602 () aerasec de>

Isn't the concept the same as the one I produced 3 months ago in... http://www.securityfocus.com/bid/8572/info/ Indeed, the replica... of my old concept! [... fine, a new class of bug! & in the wild AGAIN]
> As a follow-up to http://www.securityfocus.com/bid/9393/, where we pointed out vulnerabilities of some antivirus gateways while decompressing bzip2 bombs, we were interested in the behaviour of various applications that process compressed data. We've created several bombs (bzip2, gzip, zip, MIME-embedded bombs, PNG and GIF graphics, OpenOffice zip bombs). With these we tested some more applications, like additional antivirus engines, various web browsers, OpenOffice.org, and the GIMP. As a result, many more applications than we expected crashed. Software manufacturers should care more about the processing of untrusted input. For details see our full advisory, written by Dr. Peter Bieringer: http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html
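The following is an added example, not code from the aerasec advisory or from either list post. It builds a gzip bomb of the kind the advisory describes (a few kilobytes that inflate to megabytes of zeros) and contrasts the unbounded inflate that crashed the tested applications with a bounded one that caps absolute output size and compression ratio before the data can fill memory. The function names, the 8 MiB bomb size, the 100:1 default ratio limit and the 64 KiB threshold before the ratio check starts are all choices made for this example.

```python
"""Decompression bomb: build one in memory, then inflate it with hard resource limits."""
import gzip
import io
import random
import zlib


class DecompressionBomb(Exception):
    """Raised when inflated output would exceed the configured size or ratio limit."""


def make_gzip_bomb(uncompressed_size: int) -> bytes:
    """Return a gzip stream that inflates to `uncompressed_size` NUL bytes.

    Constructed sample input for this example: deflate encodes a run of zeros at
    close to its 1032:1 ceiling, so kilobytes on the wire become megabytes in RAM.
    """
    buf = io.BytesIO()
    chunk = b"\0" * (1 << 20)
    with gzip.GzipFile(fileobj=buf, mode="wb", compresslevel=9) as gz:
        remaining = uncompressed_size
        while remaining > 0:
            n = min(remaining, len(chunk))
            gz.write(chunk[:n])
            remaining -= n
    return buf.getvalue()


def naive_inflated_size(data: bytes) -> int:
    """The unsafe pattern: inflate everything, bounded only by available memory."""
    return len(gzip.decompress(data))


def safe_gunzip(data: bytes, max_output: int, max_ratio: float = 100.0,
                ratio_check_after: int = 64 * 1024) -> bytes:
    """Inflate `data` under an absolute output cap and a compression-ratio cap.

    Output is produced incrementally through decompressobj.decompress(max_length=...),
    so the buffer never grows more than one byte past `max_output` before the check
    fires. The ratio test only starts once `ratio_check_after` bytes have been
    produced, so a tiny but highly compressible file is not rejected.
    """
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # 16 + MAX_WBITS: expect gzip framing
    out = bytearray()
    pending = data
    while not d.eof:
        room = max_output - len(out) + 1           # permit exactly one byte of overshoot
        produced = d.decompress(pending, room)
        pending = d.unconsumed_tail                # input not yet consumed because of `room`
        if not produced and not d.eof:
            raise ValueError("truncated or malformed gzip stream")
        out += produced
        if len(out) > max_output:
            raise DecompressionBomb(f"output exceeds {max_output} bytes")
        consumed = len(data) - len(pending)
        if len(out) >= ratio_check_after and len(out) > max_ratio * consumed:
            raise DecompressionBomb(f"compression ratio exceeds {max_ratio}:1")
    out += d.flush()
    if len(out) > max_output:
        raise DecompressionBomb(f"output exceeds {max_output} bytes")
    return bytes(out)


def rejects(data: bytes, max_output: int, max_ratio: float = 100.0) -> bool:
    """True if safe_gunzip refuses `data` under the given limits."""
    try:
        safe_gunzip(data, max_output, max_ratio)
    except DecompressionBomb:
        return True
    return False


# Constructed sample inputs: an 8 MiB bomb and a 4 KiB incompressible control file.
BOMB = make_gzip_bomb(8 << 20)
_rng = random.Random(1234)
LEGIT_PLAIN = bytes(_rng.getrandbits(8) for _ in range(4096))
LEGIT_GZ = gzip.compress(LEGIT_PLAIN)


if __name__ == "__main__":
    print(f"bomb on the wire: {len(BOMB)} bytes, inflates to {naive_inflated_size(BOMB)} bytes")
    for limits in ((1 << 20, 100.0), (16 << 20, 100.0), (16 << 20, 2000.0)):
        if rejects(BOMB, *limits):
            print(f"limits {limits}: rejected")
        else:
            print(f"limits {limits}: accepted, {len(safe_gunzip(BOMB, *limits))} bytes")
    print("control file round-trips:", safe_gunzip(LEGIT_GZ, 1 << 20) == LEGIT_PLAIN)
```

The absolute cap is the check that actually protects a gateway or viewer; the ratio cap is a second signal that catches a bomb early even when the caller has a generous size budget, and its threshold has to be tuned to the data expected (logs and text legitimately reach tens to one, random or already-compressed payloads stay near one to one). The same streaming-with-a-budget pattern applies to bzip2 and zip members and to image decoders, which is where the advisory's PNG and GIF bombs bite: the limit must be enforced on the decoded size, not on the size of the file that was received.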
Current thread:
- Re: Decompression Bombs [...missed something] Bipin Gautam . (Feb 06)
- Re: Decompression Bombs [...missed something] Andreas Marx (Feb 09)