From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail1-relais-roc.national.inria.fr (mail1-relais-roc.national.inria.fr [192.134.164.82])
	by walapai.inria.fr (8.13.6/8.13.6) with ESMTP id pBV0Y5HC002236
	for <caml-list@sympa-roc.inria.fr>; Sat, 31 Dec 2011 01:34:05 +0100
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AswCAAlX/k7AbSoIe2dsb2JhbABDhQ+nRSIBARYmBCGBcgEBBSNWEAsJBQoCAiYCAhQYMYgPBqN6kSgTgRyJSjNjBI1HhzqSNg
X-IronPort-AV: E=Sophos;i="4.71,435,1320620400"; 
   d="scan'208";a="137326995"
Received: from einhorn.in-berlin.de ([192.109.42.8])
  by mail1-smtp-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 31 Dec 2011 01:34:00 +0100
X-Envelope-From: oliver@first.in-berlin.de
Received: from first (e178004174.adsl.alicedsl.de [85.178.4.174])
	(authenticated bits=0)
	by einhorn.in-berlin.de (8.13.6/8.13.6/Debian-1) with ESMTP id pBV0XxVP030183
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Sat, 31 Dec 2011 01:33:59 +0100
Received: by first (Postfix, from userid 1000)
	id AA29D154036A; Sat, 31 Dec 2011 01:33:58 +0100 (CET)
Date: Sat, 31 Dec 2011 01:33:58 +0100
From: oliver <oliver@first.in-berlin.de>
To: Gerd Stolpmann <info@gerd-stolpmann.de>
Cc: caml-list@inria.fr
Message-ID: <20111231003358.GB1743@siouxsie>
References: <1325263446.5036.104.camel@samsung>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1325263446.5036.104.camel@samsung>
User-Agent: Mutt/1.5.20 (2009-06-14)
X-Scanned-By: MIMEDefang_at_IN-Berlin_e.V. on 192.109.42.8
Subject: Re: [Caml-list] Hashtbl and security

On Fri, Dec 30, 2011 at 05:44:06PM +0100, Gerd Stolpmann wrote:
> Hi,
> 
> there was recently a security alert for web services that use hash
> tables to store web form parameters sent via POST
[...]


Fixed in Perl in 2003.


28C3-Talk:
  http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html

LQ Video of the talk:
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-LQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264-iprod.mp4
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-LQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264-iprod.mp4.sha1
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-LQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264-iprod.mp4.torrent


HQ Video of the talk:
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-HQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264.mp4
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-HQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264.mp4.sha1
  http://mirror.fem-net.de/CCC/28C3/mp4-h264-HQ/28c3-4680-en-effective_dos_attacks_against_web_application_platforms_h264.mp4.torrent



Ciao,
   Oliver