[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [lists] [Full-Disclosure] Novell/Ximian Evolution multiple text attachmentsDoS
- To: "'Kristian Hermansen'" <khermansen@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [lists] [Full-Disclosure] Novell/Ximian Evolution multiple text attachmentsDoS
- From: "Curt Purdy" <purdy@xxxxxxxxxx>
- Date: Sat, 26 Feb 2005 07:34:02 -0600
Kristian Hermansen wrote:
> I just wanted to inform users of Ximian Evolution 2.0
> software that there exists a way to temporarily DoS the local
> application and/or machine by attaching an absurd amount of
> .ezm files to a normal email.
<snip>
It seems to me that it would take an attacker more time to create this
remote DoS than it would cause the victim in lost time. IMHO Outlook Express
would be a much less time consuming vector.
Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer
DP Solutions
-----------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html