|laziness, impatience, and hubris|
DOS attack with hash collisions (Perl rulez)by LanX (Bishop)
|on Dec 29, 2011 at 16:28 UTC||Need Help??|
LanX has asked for the
wisdom of the Perl Monks concerning the following question:
Germany's biggest online-newspaper puplished today that most webservers are vulnerable because of hash-collisions in web-languages.
Since they didn't mention Perl, I did some investigation finding this publication
So Perl already fixed this in 2003 and the authors used this knowledge to attack the other languages ... xD
see also hash collision DOS
I remember that this issue was mentioned somewhere in the perldocs (IMHO regarding the unpredictable order of storing hash-values)...
Question: Can someone help me find the corresponding perldocs?