[Bug 167] New: XML_ENTITY_DOS from bugzilla@soe.ucsc.edu on 2005-10-13 (w3c-dist-auth@w3.org from October to December 2005)

From: <bugzilla@soe.ucsc.edu>
Date: Thu, 13 Oct 2005 09:52:57 -0700
To: w3c-dist-auth@w3.org
Message-Id: <200510131652.j9DGqv2x008955@ietf.cse.ucsc.edu>

http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=167

           Summary: XML_ENTITY_DOS
           Product: WebDAV-RFC2518-bis
           Version: -07
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: 19.  Security Considerations
        AssignedTo: joe-bugzilla@cursive.net
        ReportedBy: elias@cse.ucsc.edu
         QAContact: w3c-dist-auth@w3.org


Recursive entity declarations can be used for effective DOS attacks, and thus
WebDAV MUST allow servers to reject these kind of requests, even though they may
be well-formed).

http://lists.w3.org/Archives/Public/w3c-dist-auth/2003JanMar/0402.html



------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

Received on Thursday, 13 October 2005 16:53:01 UTC