Decompression bomb vulnerabilities
It looks like bzip2 bombs are not the only ones that can cause problems; decompression bombs in general do. Compression is used in many applications, but maximum size limits are seldom checked when untrusted content is decompressed.
Impacts:
– simple bombs: compressed binaries containing a huge number of repetitions of the same char (binary value).
– complex MIME bombs: a compressed mailbox containing one e-mail with MIME parts, where the last MIME part contains a virus.
– gzip’ed HTML bombs: serving a gzip’ed HTML file that contains a huge number of spare chars.
– picture bombs: a single-colour picture with very large pixel dimensions, in GIF or PNG format.
– OpenOffice bombs: an OpenOffice data ZIP file containing an additional huge file.
Bomb size ratios
Possible impacts
- Application crashes because it runs out of memory: the process is usually terminated by the kernel.
- Application consumes a lot of virtual memory: high CPU load, high disk load during paging, slow or no response. (On Microsoft Windows systems, growth of the paging file can also be triggered.)
- Application crashes because it runs out of disk space: normally the application doesn’t remove the temporary file after a crash, so the system stays in an out-of-disk-space state.
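The missing check described above, a maximum size limit enforced during decompression, can be sketched for the gzip case as follows. This is an added example, not code from the original post or the Aerasec advisory; the 1 MiB cap and the names `safe_gunzip`, `DecompressionLimitExceeded` and `make_constructed_bomb` are assumptions.

```python
import gzip
import io
import zlib

MAX_OUTPUT = 1024 * 1024  # assumed policy: at most 1 MiB of decompressed data
CHUNK = 16 * 1024         # compressed bytes read per step


class DecompressionLimitExceeded(Exception):
    """The stream would expand beyond the configured cap."""


def safe_gunzip(stream, max_output=MAX_OUTPUT):
    """Decompress one gzip member from `stream`, refusing to exceed max_output."""
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # 16 + ... selects gzip framing
    out = bytearray()

    def check():
        if len(out) > max_output:
            raise DecompressionLimitExceeded(f"output exceeds {max_output} bytes")

    while chunk := stream.read(CHUNK):
        while chunk:
            # Request one byte more than the remaining budget: enough to
            # detect an overrun, never enough to materialise the whole bomb.
            out += d.decompress(chunk, max_output - len(out) + 1)
            check()
            chunk = d.unconsumed_tail  # input zlib held back because of the cap
    out += d.flush()  # a few bytes may still be pending inside zlib
    check()
    if not d.eof:
        raise ValueError("truncated gzip stream")
    return bytes(out)


def make_constructed_bomb(size=20 * 1024 * 1024):
    """Constructed sample: `size` zero bytes, gzip-compressed (a 'simple bomb')."""
    return gzip.compress(bytes(size))


if __name__ == "__main__":
    bomb = make_constructed_bomb()
    print(f"compressed: {len(bomb)} bytes")
    try:
        safe_gunzip(io.BytesIO(bomb))
    except DecompressionLimitExceeded as exc:
        print("rejected:", exc)
```

Because the output is built in memory and capped, neither the out-of-memory nor the out-of-disk-space impact listed above can be reached through this code path.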
More from Aerasec: http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html
March 12th, 2004 at 2:49 pm
At last something I can fear.
May 20th, 2006 at 4:16 am
Hi,
Can a decompression bomb be installed and executed from a Java applet? I think this is what happened to me, 3/4 of my Hdrive is now filled with I don’t know what… Do you have a way to free an Hdrive from this threat?
Thanx,
Esselfe