|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI: Text request/response spanning - security issue?"Mallikarjun C." wrote: > > The expectation is that implementations will set the right timeouts > to detect and get out of these conditions. The state transitions > (chapter 5) allow these timeouts as legal events that could cause a > Login failure. Also take a look at section 6.8, which deals with > timeouts in text negotiations. This isn't a timeout issue at all (but it is a DoS attack). The Text Requests can come at the right time, and none of them may have a 0x00 in it's payload to indicate end of key=value pair. This will drain the node's memory. There needs to be a limitaion (somehow) on how long a key=value could ever be (spanning or not). Negotiated or not. "Buffer overrun" rings a bell. -- Luben
Home Last updated: Thu Mar 28 21:18:18 2002 9372 messages in chronological order |