[OWASP-TESTING] Application DoS Section

Shields, Larry Larry.Shields at FMR.COM
Tue Sep 6 10:43:31 EDT 2005


*nod* I agree with you.  The tricky part is coming up with a
definitional level of what should make the cut and what shouldn't.  Like
I mentioned, I fully agree Buffer Overflow based DoS should be in there
(it is now) because you're going to find the DoS before it eventually
becomes a command execution problem.  I guess I'll take a stab at
writing up a kind of catch-all paragraph or two that mentions DoS
possibilities that can occur while attempting to use other exploits such
as SQL Injection or various OS command execution exploits.  Then we can
take it from there with that as a starting point, and figure out if we
need more coverage, etc.

-Larry 

-----Original Message-----
From: Mauro Bregolin [mailto:mauro.bregolin at gmail.com] 
Sent: Tuesday, September 06, 2005 10:39 AM
To: Shields, Larry; 'Javier Fernandez-Sanguino'
Cc: owasp-testing at lists.sourceforge.net
Subject: RE: [OWASP-TESTING] Application DoS Section

Larry,

I agree on what you're saying, and in fact it might not be beneficial to
modify the whole document.
However, while causing a DoS might be pointless in the scope of testing,
citing DoS as a possible outcome of an attack might have some value, if
not for the reason that you might cause a DoS yourself when testing.
It is true that this is more likely with some vectors (e.g.,
malfunctioning
BOFs) than others, where you have to do it purposefully. SQL injection
probably is of the latter kind; though, if you can play with UPDATE
commands you can do quite some harm and one could argue that if you
don't know the internal semantics you might inadvertently cause
unintended damage and consequently DoS.
Hope it doesn't appear too confusing...

Mauro




More information about the Owasp-testing mailing list