This is a particularly interesting security vulnerability because it relies on the algorithmic properties of the data structures people use to build their applications:
http://jruby.org/2011/12/27/jruby-1-6-5-1
tl;dr: if an attacker knows an application uses a particular hash function and can make that application hash data, they can ensure all the values they send wind up in a particular "bucket" within the hash table. Normally, hash tables solve this problem by expanding the number of buckets and rebalancing the data; however, an attacker with sophisticated enough knowledge of the hash algorithm being used can craft keys which will always hash to the same bucket.
Flooding a particular bucket with data negates the algorithmic properties a hash table normally affords, and could be used to selectively make particular data in a system unavailable by flooding the bucket it's in with garbage data.
This is interesting in that it's not just a specific attack on a particular framework/platform, but an idea that can be applied to any system that hashes user input with known algorithmic properties.
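The effect described above can be measured directly. The following Ruby sketch is an added example, not code from the post or from the linked JRuby release: `toy_hash` is a deliberately weak, hypothetical hash, the keys are constructed sample input, and the keyed HMAC variant stands in for the usual mitigation (a hash keyed with a per-process secret), which is an assumption the post itself does not state.

```ruby
require "openssl"
require "securerandom"

# Toy unkeyed hash (hypothetical, not any platform's real function):
# the sum of the key's bytes, so every anagram of a string collides.
def toy_hash(key)
  key.each_byte.sum
end

# Keyed alternative: HMAC-SHA256 under a secret per-process key,
# truncated to 64 bits. Without the key, collisions cannot be precomputed.
def keyed_hash(key, secret)
  OpenSSL::HMAC.digest("SHA256", secret, key).unpack1("Q>")
end

# Length of the longest chain when `keys` are placed into `buckets` buckets.
def longest_chain(keys, buckets)
  keys.map { |k| yield(k) % buckets }.tally.values.max
end

# Key comparisons a chained table performs to insert all keys
# (each insert scans the existing chain to check for a duplicate).
def insert_comparisons(keys, buckets)
  chains = Hash.new(0)
  keys.sum do |k|
    b = yield(k) % buckets
    seen = chains[b]
    chains[b] += 1
    seen
  end
end

SECRET = SecureRandom.bytes(16)
# Constructed sample input: the 720 anagrams of "abcdef".
KEYS = "abcdef".chars.permutation.map(&:join)

if __FILE__ == $PROGRAM_NAME
  [16, 1024, 65_536].each do |n|
    weak  = longest_chain(KEYS, n) { |k| toy_hash(k) }
    keyed = longest_chain(KEYS, n) { |k| keyed_hash(k, SECRET) }
    puts "buckets=#{n}: longest chain unkeyed=#{weak} keyed=#{keyed}"
  end
  puts "comparisons, 1024 buckets: unkeyed=" \
       "#{insert_comparisons(KEYS, 1024) { |k| toy_hash(k) }} keyed=" \
       "#{insert_comparisons(KEYS, 1024) { |k| keyed_hash(k, SECRET) }}"
end
```

Because the colliding keys share the full hash value and not just a bucket index, growing the table from 16 to 65,536 buckets leaves the unkeyed chain at all 720 keys, and insertion cost grows quadratically with the number of keys.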