Details

    • Security:
      Yes
    • SLA:
      Not Applicable
    • Rank:
      0|i01vrz:
    • Damage Potential:
      57
    • Business Impact:
      0.84
    • Total Risk:
      47.88

      Description

      Walrus insecurely parses XML for some request messages (eg., bucket logging), this can be used to consume server resources resulting in a denial of service (such as using all memory or using up all available threads). The server logs may show out of memory errors when various threads fail (you would also observe high CPU usage for such an attack).

      This issue is originally reported by Steve Jones.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: