Details

    • Security:
      Yes
    • SLA:
      Not Applicable
    • Rank:
      0|i01vrz:
    • Damage Potential:
      57
    • Business Impact:
      0.84
    • Total Risk:
      47.88

      Description

      Walrus insecurely parses XML for some request messages (eg., bucket logging), this can be used to consume server resources resulting in a denial of service (such as using all memory or using up all available threads). The server logs may show out of memory errors when various threads fail (you would also observe high CPU usage for such an attack).

      This issue is originally reported by Steve Jones.

        Gliffy Diagrams

          Lucidchart Diagrams

            Attachments

              Activity

                People

                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: