[Expat-discuss] Re: DoS exploit?
Hendrik Schober
SpamTrap at gmx.de
Wed Nov 10 12:26:25 CET 2004
Karl Waclawek <karl at waclawek.net> wrote:
> [...]
>
> Search google for the "million laughs xml" attack.
> This is a DoS attack that every conforming XML parser
> is susceptible too. Its based on how entities declared
> in a DTD are expanded. There is no known bug in Expat
> related to DoS attacks.
Sorry for taking so long to follow up.
Thanks for your answer! This solved the
isuue for the customer.
> Karl
Schobi
--
SpamTrap at gmx.de is never read
I'm Schobi at suespammers dot org
"The presence of those seeking the truth is infinitely
to be prefered to those thinking they've found it."
Terry Pratchett
More information about the Expat-discuss
mailing list