[Dshield] Decompression Bombs

tlepkowski@comcast.net tlepkowski at comcast.net
Thu Feb 5 15:52:12 GMT 2004


<snip>
> That must be one lonely individual.

Edison, Bell, Wright brothers, Bohr, Shockley and a host of others -most of them lost to the ages, and in retrospect, unimportant- must have been bored too...  

> 
> 
> 
> 
> On Wed, 4 Feb 2004, Jon R. Kibler wrote:
> 
> > I ran across this article in another maillist. Thought it may be of interest 
> here.
> > 	
> http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html
> >
> > The bottom line: Take an extremely large file (100sGB) containing only a 
> single byte value (such as x00), compress it, and you end up with a tiny file 
> (~>64KB). That that file and used it as an email attachment, part of a web page, 
> etc., that when it is decompressed, will crash the program that invoked the 
> decompressor.
> 
> lol...
> Not that I doubt you... I'm just trying to picture who sits around
> compressing 100gig+ files... my entire system sits on 3gig. That must be
> one lonely individual.
> 
> 
> [jayjwa]RLF#37
> 
> 
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list