Bugtraq mailing list archives
Re: Web servers / possible DOS Attack / mime header flooding
From: dleeds () dfacades com (Daniel Leeds)
Date: Thu, 3 Sep 1998 14:51:42 -0700
however some other 3rd party products appear vulnerable.

UnityMail 2.0 for 95/NT *IS* vulnerable to the DOS. CPU load forks to 100%, the system is useable, however all access to the UnityMail administrative web server is hung.

The above is probably not a huge deal, other than annoying mailing list admins who want to access their lists via the web admin, but I think it's probably illustrative of a wider scope---> how many other administrative web interfaces, commercial http servers, etc are vulnerable to this denial of service?

On 03-Sep-98 Rich Wood wrote:
> On 3 Sep 98, at 12:34, Laurent FACQ wrote:
>
> # => by sending a crazy amount of 8000 bytes headers, it's possible
> # to consume a lot of memory (and of course CPU). The point
> # is that httpd daemons grow and STAY at this big size (or die
> # if you send too much)
>
> Tried against apache 1.3.1 on FreeBSD 2.2.6 (DX2-66 16Mb), script hung after 2500 headers with apache using 30Mb.
>
> Tried against apache 1.3.1 on NT4 (workstation) SP3 (P200 64Mb), after 7500 headers, apache was using 120Mb RAM and the box ground to a halt.
>
> It didn't actually crash apache on either box, but severely reduced the usefulness of the systems.
>
> Rich
> --
> Rich Wood

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Daniel Leeds
Systems Administrator
dleeds () dfacades com
DigitalFacades
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
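An added example, not part of the original post or of any server named in the thread: a header reader that caps line length, field count and total header bytes, so per-request memory stays bounded under the header flooding described in the quoted message. The limit values and the names `read_headers` and `HeaderRejected` are assumptions made for illustration.

```python
import io

# Assumed limits for illustration; tune them to the application.
MAX_LINE = 8190      # bytes per header line, terminator included
MAX_FIELDS = 100     # header fields per request
MAX_TOTAL = 65536    # bytes for the whole header block


class HeaderRejected(Exception):
    def __init__(self, status, reason):
        super().__init__(f"{status} {reason}")
        self.status, self.reason = status, reason


def read_headers(stream, max_line=MAX_LINE, max_fields=MAX_FIELDS,
                 max_total=MAX_TOTAL):
    """Read header lines from a binary stream up to the blank line.

    Every read is bounded, so per-request memory stays near max_total
    no matter how many headers the client sends.
    """
    headers, total = [], 0
    while True:
        # readline(n) returns at most n bytes: an endless line is never
        # buffered in full.
        line = stream.readline(max_line + 1)
        if len(line) > max_line:
            raise HeaderRejected(431, "header line too long")
        if not line.endswith(b"\n"):
            raise HeaderRejected(400, "truncated header block")
        total += len(line)
        if total > max_total:
            raise HeaderRejected(431, "header block too large")
        stripped = line.rstrip(b"\r\n")
        if not stripped:
            return headers          # blank line ends the headers
        if len(headers) >= max_fields:
            raise HeaderRejected(431, "too many header fields")
        name, sep, value = stripped.partition(b":")
        if not sep or not name.strip():
            raise HeaderRejected(400, "malformed header line")
        headers.append((name.strip().lower(), value.strip()))


if __name__ == "__main__":
    # Constructed sample request, not taken from the thread.
    sample = io.BytesIO(b"Host: example.test\r\nAccept: */*\r\n\r\n")
    print(read_headers(sample))
```

The caller should close the connection after a rejection, since the unread remainder of the request is never buffered.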