Decompression bombs: email attachments expanded and expanded and expanded

Here's an interesting security noodle from Yoz Grahame: some (meaningless) data is highly compressible using standard compression algorithms — what would it do to your computer if the payloads in automatically decompressed messages went from 7kb to 100gb?

Here's an example scenario: A mail arrives at your super-barbed-wire-protected mail gateway. The gzip-compressed attachment – only 7k big – is grabbed by the anti-virus scanner, looking for any suspicious signatures. It starts to decompress it and BANG – the resulting file, over 100 gigabytes, crashes the AV scanner and completely fills the hard drive partition in the process.

Fortunately, a good number of the AV scanners that AERAsec tested aren't too vulnerable, but some require patching. Similarly, sending a gzipped-HTML bomb to a browser will crash a fair few of them. Not so scary, then, but nifty in an admirably-nasty way.
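As an added example (not part of the original post or of any scanner's code), here is one way a gateway or scanner could inflate a gzip attachment while refusing to expand past a fixed budget, so a tiny input cannot fill memory or disk. The names `bounded_gunzip`, `DecompressionLimitExceeded` and `constructed_sample` are hypothetical, and the sample input is constructed.

```python
import gzip
import zlib


class DecompressionLimitExceeded(Exception):
    """Raised when the expanded data would exceed the configured cap."""


def bounded_gunzip(data: bytes, max_output: int, chunk: int = 64 * 1024) -> bytes:
    """Inflate gzip data in bounded steps; never hold more than max_output + 1 bytes."""
    d = zlib.decompressobj(wbits=31)  # wbits=31 selects the gzip container
    out = bytearray()
    buf = data
    while not d.eof:
        # Ask for at most one byte past the remaining budget, so an
        # overrun is detected without inflating the rest of the stream.
        step = min(chunk, max_output - len(out) + 1)
        piece = d.decompress(buf, step)
        out += piece
        if len(out) > max_output:
            raise DecompressionLimitExceeded(
                f"{len(data)} compressed bytes expand past {max_output} bytes"
            )
        buf = d.unconsumed_tail  # input held back because of the step limit
        if not piece and not buf:
            raise ValueError("truncated gzip stream")
    return bytes(out)


def constructed_sample(size: int) -> bytes:
    """Constructed test input: `size` zero bytes, gzip-compressed."""
    return gzip.compress(b"\0" * size)


if __name__ == "__main__":
    sample = constructed_sample(5 * 1024 * 1024)
    print(f"compressed size: {len(sample)} bytes")
    try:
        bounded_gunzip(sample, max_output=1024 * 1024)
    except DecompressionLimitExceeded as exc:
        print("rejected:", exc)
```

The same budget idea applies to nested archives: the cap has to cover the total expanded size across every layer, not each layer separately.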
