Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Hash collisions vulnerability in web servers

Published: 2011-12-28
Last Updated: 2011-12-28 23:02:14 UTC
by Daniel Wesemann (Version: 2)
8 comment(s)

 
A new vulnerability advisory by security firm n-runs [1] describes how hash tables in PHP5,Java,ASP.NET and others can be attacked with deliberate collisions in the hash function, leading to a denial of service (DoS) on the web server in question. Microsoft have already responded with an advisory [2] of their own, other vendors are likely to follow.

Updated 2300UTC: MSFT published additional information [3] on how to detect and mitigate an attack.

[1] http://www.nruns.com/_downloads/advisory28122011.pdf
[2] http://technet.microsoft.com/en-us/security/advisory/2659883
[3] http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx



 

8 comment(s)
Diary Archives