URL:
http://savannah.nongnu.org/bugs/?32014
Summary: CVE-2010-1677: DoS when processing html messages
with deep tag nesting
Project: MHonArc
Submitted by: ehood
Submitted on: Thu 30 Dec 2010 02:45:51 PM CST
Category: MIME Filter
Severity: 6 - Security
Item Group: Undesired Behavior
Status: In Progress
Privacy: Private
Assigned to: ehood
Open/Closed: Open
Discussion Lock: Any
Operating System: All
Perl Version: All
Component Version: 2.6.16
Fixed Release:
___
Details:
If a malformed HTML message contains something like the following:
bobobobobodydydydydy
But to a much larger extent, will cause mhonarc to consume
a alot of CPU resources to strip out the data.
___
Reply to this item at:
http://savannah.nongnu.org/bugs/?32014
___
Message sent via/by Savannah
http://savannah.nongnu.org/
-
To sign-off this list, send email to majord...@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-DEV