Niclas Hedhman wrote:
What kind of DoS attacks would you expect?
If I can upload an XSL, I can have an infinite loop in the XSL, and then issue continous HTTP requests invoking that XSL, effectively eating up both RAM and CPU time.
Also eating up bandwidth, and if the server is hot iron hooked to a fat pipe, you can bring down the target end of the URL by swamping it with requests. Actually, this was the main idea.
J.Pietschmann --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]
