Codenomicon, a Finnish security company, has been in the news recently because of a widespread set of vulnerabilities in XML parsing. Their press release is at http://www.codenomicon.com/news/press-releases/2009-08-05.shtml, and the official report from the Finnish CERT team is at https://www.cert.fi/en/reports/2009/vulnerability2009085.html. The vulnerabilities are pretty widespread, affecting most of the common C, Java, and Python toolkits. Everyone's working on fixes.
Basically, the attacks involve things that DataPower has been calling "XDos" for several years; here's a press release from 2003. But more importantly, we've been catching and preventing these kinds of things for more than six years. Sometimes, the paranoia pays off, and they really are out to get you... eventually.
Of course, we're not perfect -- we've had our own "packet of death" DoS, even though it was had fixed before the vulnerability was posted. Nothing's perfect, which is why a "defense in depth" is important.
XML and DoS Attacks
RSalz 2700011QK0 1 Comment 1,937 Visits