Bugtraq mailing list archives
Re: YA Apache DoS attack
From: bugtraq () ANKH SAMIAM ORG (bugtraq)
Date: Sun, 9 Aug 1998 12:53:56 -0700
And here's a band-aid for 1.3.1 - I'm sure we'll come up with something better soon. This (untested) patch should prevent the worst effects. A similar patch should work for 1.2.x.
A similar version of this patch works against Apache 1.2.5. I have made RPMs for RedHat, Caldera, SuSE, TurboLinux, and other RPM-based systems available at this location: http://www.samiam.org/blackdragon

Patch for Apache 1.2.5 included. I have verified that this patch protects Apache 1.2.5 from the sioux DOS attack.

- Sam

*** apache_1.2.5/src/http_protocol.c.orig Sun Aug 9 11:44:00 1998 --- apache_1.2.5/src/http_protocol.c Sun Aug 9 11:53:13 1998 *************** *** 659,664 **** --- 659,665 ---- int len; char *value; char field[MAX_STRING_LEN]; + int nheaders=0; /* Read header lines until we get the empty separator line, * a read error, the connection closes (EOF), or we timeout. *************** *** 674,679 **** --- 675,686 ---- while (isspace(*value)) ++value; /* Skip to start of value */ table_merge(r->headers_in, field, value); + + if(++nheaders >= 100) { + r->status = HTTP_BAD_REQUEST; + return; + } + } }
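Review bot: the cap in `if(++nheaders >= 100)` is a bare magic number and the rejection is silent; name the constant (or make it a configuration directive, since 100 may be too tight for some deployments and too loose for others) and log the rejection with the client address before `return;`, so operators can see the flood being blocked rather than unexplained 400s. Note also that `>=` fires on the hundredth header line, so only 99 are accepted; use `>` if 100 is the intended allowance. Since the function ends with a bare `return;` after setting `r->status = HTTP_BAD_REQUEST;`, the caller has to check `r->status` to actually stop processing the request.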
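As an added example (not Sam's patch and not Apache code), the same header-count defence in stand-alone C, mirroring the patch's `++nheaders >= 100` test so the hundredth header line is rejected: it scans a raw header block, counts `field: value` lines and returns 400 when the cap is reached. `MAX_HEADERS`, `check_header_count` and `check_n_headers` are names chosen here, and the request text is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

#define MAX_HEADERS      100   /* same cap as the patch */
#define HTTP_OK          200
#define HTTP_BAD_REQUEST 400

/* Scan a raw header block (the lines after the request line, ended by an
 * empty line) and enforce the cap the patch adds: every "field: value" line
 * bumps nheaders, and reaching MAX_HEADERS yields HTTP_BAD_REQUEST. Mirrors
 * the ">= 100" test, so at most 99 header lines are accepted. *nparsed
 * receives the count reached when the function returned. */
int check_header_count(const char *block, int *nparsed)
{
    int nheaders = 0;
    const char *p = block;

    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len && p[len - 1] == '\r')
            len--;
        if (len == 0)                  /* empty separator line: headers done */
            break;
        /* Only lines with a colon count as headers (the field/value split) */
        if (memchr(p, ':', len) && ++nheaders >= MAX_HEADERS) {
            *nparsed = nheaders;
            return HTTP_BAD_REQUEST;
        }
        if (!eol)
            break;
        p = eol + 1;
    }
    *nparsed = nheaders;
    return HTTP_OK;
}

/* Constructed sample input: n repeated "X-Pad: a" lines plus the blank
 * separator, the case the cap exists to reject, then run the check. */
int check_n_headers(int n, int *nparsed)
{
    static char buf[MAX_HEADERS * 16 + 4];
    size_t off = 0;
    int i;

    for (i = 0; i < n && off + 12 < sizeof buf; i++)
        off += (size_t)sprintf(buf + off, "X-Pad: a\r\n");
    strcpy(buf + off, "\r\n");
    return check_header_count(buf, nparsed);
}
```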
Current thread:
- Re: YA Apache DoS attack Ben Laurie (Aug 07)
- Re: YA Apache DoS attack GoatBoy (Aug 07)
- Re: YA Apache DoS attack bugtraq (Aug 09)
- <Possible follow-ups>
- Re: YA Apache DoS attack Dag-Erling Coidan Smørgrav (Aug 08)
- Re: YA Apache DoS attack Scott Burke (Aug 15)
- Re: YA Apache DoS attack Marc Slemko (Aug 15)