XML denial-of-service attack

From Wikipedia, the free encyclopedia
Jump to: navigation, search
"XDoS" redirects here. For other uses, see XDOS (disambiguation).

An XML denial-of-service attack (XDoS attack) is a content-borne denial-of-service attack whose purpose is to shut down a web service or system running that service. A common XDoS attack occurs when an XML message is sent with a multitude of digital signatures and a naive parser would look at each signature and use all the CPU cycles, eating up all resources. These are less common than inadvertent XDoS attacks which occur when a programming error by a trusted customer causes a handshake to go into an infinite loop.