Decompression bombs materialise on the web as new threat
London, UK - 10 March 2004, 12:45 GMT - Decompression bombs are starting
to make the rounds in cyberspace and pose a rising digital risk. Decompression
bombs are specially crafted files designed to be decompressed into much larger
files with bogus content that consume the available space, effectively using
up all the disk space on the machine running the anti-virus scans. Data compression
often works by encoding repeated units of data - for example, a string like "aaaaaaaaaa"
could be represented as "a10". The vulnerability of this process
is that an attacker could send a file containing "a1000000000...",
which could result in a massive denial of service if any attempt is made to
put it through a decompression engine.
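
The check a decompression engine can make against this, as an added example that is not part of the original article: a decoder for the "a10" notation above that adds up the declared output size before expanding anything, and, going beyond the article's toy format, the same budget applied to a real zlib stream. The 1,000,000 limit and all function names are assumptions chosen for illustration.

```python
import re
import zlib

MAX_OUTPUT = 1_000_000  # assumed per-file output budget, in bytes/characters


class DecompressionLimitExceeded(Exception):
    """Raised when input would expand past the configured budget."""


TOKEN = re.compile(r"(\D)(\d+)")  # one symbol followed by its repeat count


def rle_decode(data: str, max_output: int = MAX_OUTPUT) -> str:
    """Decode "a10"-style input, rejecting oversized runs before allocating."""
    tokens = TOKEN.findall(data)
    if "".join(sym + count for sym, count in tokens) != data:
        raise ValueError("malformed run-length input")
    total = 0
    for _, count in tokens:
        total += int(count)  # declared size only; nothing is expanded yet
        if total > max_output:
            raise DecompressionLimitExceeded(f"declared output exceeds {max_output}")
    return "".join(sym * int(count) for sym, count in tokens)


def inflate_bounded(blob: bytes, max_output: int = MAX_OUTPUT) -> bytes:
    """Inflate a zlib stream, stopping one byte past the budget."""
    d = zlib.decompressobj()
    out = d.decompress(blob, max_output + 1)  # never produce more than this
    if len(out) > max_output:
        raise DecompressionLimitExceeded(f"output exceeds {max_output} bytes")
    if not d.eof:
        raise ValueError("truncated or incomplete stream")
    return out


if __name__ == "__main__":
    # Constructed samples: the article's two strings and a 5 MB run of zero bytes.
    print(rle_decode("a10"))
    for label, attempt in (
        ("rle", lambda: rle_decode("a1000000000")),
        ("zlib", lambda: inflate_bounded(zlib.compress(b"\0" * 5_000_000))),
    ):
        try:
            attempt()
        except DecompressionLimitExceeded as exc:
            print(label, "rejected:", exc)
```

A scanner that hits the limit should treat the file as unscannable and quarantine or flag it rather than retry with a larger budget.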