Bugtraq mailing list archives

Re: Apache DoS attack?


From: markl () ftech net (Mark Lowes)
Date: Tue, 30 Dec 1997 11:59:55 GMT



On Tue, 30 Dec 1997 11:07:04 +0100, you wrote:

> [excuse me if it has been discovered before]

First I've heard.

> Here's a simple exploit for Apache httpd version 1.2.x (tested on 1.2.4).
> When launched, causes increases of victim's load average and extreme
> slowdowns of disk operations. On my i586 Linux annoying slowdown has been
> experienced immediately (after maybe 5 seconds). After about 4 minutes
> work has been turned into real hell (286?).

Ok here's an initial patch, I'm sure someone will come up with something
better and more efficient but it works. :)

        Mark

--
+--------------------------------------------------------------------+
| Frontier Internet Services Ltd - Disclaimer;                       |
|                                                                    |
| All statements made and agreements come to by means of email are   |
| at all times subject to Frontier's Terms and Conditions of service |
| and product descriptions / sales literature. Representations made  |
| above and beyond those contained there in are not to be relied     |
| upon and are at no time contractually binding.                     |
+--------------------------------------------------------------------+

[Attachment: beck.patch]


