Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
| От | Sir Mordred The Traitor |
|---|---|
| Тема | Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL |
| Дата | |
| Msg-id | 3d6a49ce.4b9ea323@s-mail.com обсуждение исходный текст |
| Ответ на | @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL (Sir Mordred The Traitor <mordred@s-mail.com>) |
| Ответы |
Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
|
| Список | pgsql-hackers |
>Hey, if I can connect to postmaster I can DoS it quite easily, but flooding it >with connection requests..... Hm, that's true of course, but now i will do this with a couple of connections. Lets say, bot on a owned machine, connects to a database, send a crafted packet, postgresql will allocate a huge amount of memory, and will be happy to read anything it recvs from my bot. ________________________________________________________________________ This letter has been delivered unencrypted. We'd like to remind you that the full protection of e-mail correspondence is provided by S-mail encryption mechanisms if only both, Sender and Recipient use S-mail. Register at S-mail.com: http://www.s-mail.com/inf/en
В списке pgsql-hackers по дате отправления: