Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sample DOS against the Sambar HTTP-Server

From: conrad.d () GMX DE (Dennis Conrad)
Date: Sat, 9 Oct 1999 03:17:47 +0200

First of all: The DoS WORKS. Tod Sambar himself tested it and found
his server vulnerable. But: You´re right Steve!


print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n";


Ther are too many 9s. My Perl (v.5005_02 running an Linux 2.2.12) only
prints a "GET<space><space>HTTP/1.0" as well. If you use a few 9s less,
you´ll get a "Out of memory".

I´m really sorry about this, but I´m not an experienced  programmer and
it was late at night when  threw this together.


I conclude that the script as posted will not DoS the server even if
it is vulnerable, unless a simple "GET  HTTP/1.0" triggers the DoS.


Well, it WILL DoS the server, but due to the lack of an Windows box I
can´t say if there have to be two <space>s or one is enough.


I suggest that until the nature of the DoS is clarified anyone using
the script to test their own server should try it as-is, then try it
with fewer 9s (probably 9999 or 99999, maybe more if it's a resource
exhaustion DoS).


No, that definetly does NOT work.

Thanks to Steve for reporting this. My failure.

Please note that the version on http://www.sambar.com is STILL vulnerable
and there has been NO security advise by Tod Sambar!

\---------------------[ Dennis Conrad ]-----------------\
 \-------------------[ conrad.d () gmx de ]-----------------\
  \---------[ http://www.linuxstart.com/~dennis ]---------\
Previous By Date Next
Previous By Thread Next

Current thread: