Are Denial of Service (DoS) vulnerabilities discovered just failed Remote Code Execution (RCE) discoveries?

I notice with a lot of these DoS vulnerabilities disclosed (whether found ethically/unethically), that it involves inserting code somewhere it shouldn't be to be (similar to RCE, except that it just isn't code that can be executed and just causes the system to freeze up and go offline).

It looks like the person discovering the vulnerability would have tried different things to insert to see if it could result in RCE, but at the minimum could result in DoS. Is this there any connection here or is it just not that straight forward?

submitted by /u/tacostocks
[link] [comments]

from hacking: security in practice https://ift.tt/G9omDuk

Comments