Cause of MS SSL DoS attack

[SanjayR <sanjayr () intoto com>]

Hi All;
I am trying to understand the main cause of DoS for MS SSL vulnerability 
(MS04-011, CAN-2004-0120). Everywhere, I get one information 
that  specially malformed SSL messages can cause DoS, but what exactly is 
causing the DoS is not mentioned. After seeing the exploit code, I could 
see that normally, during SSL handshake, client sends available Cipher 
suites to server, which are around 30 (at most). therefore Cipher Suite 
length is at most 60 bytes (in general). but under this attack, i found it 
to be 39729!! there are many unknown types of cipher suites. Is this the 
cause of DoS? I shall be thankful for any information.

-Sanjay