Vulnerability Development mailing list archives

RE: Apache chunked encoding and Solaris/Sparc


From: Robert Buckley <rbuckley () synapsemail com>
Date: Wed, 26 Jun 2002 12:03:50 -0400

I've tested Gobbles code against Solaris Sparc Solaris 8
and it kills the child processes, leaving the single process running 
as root alive. Connections from clients are still able to be created at this
point.
Running the exploit in brute force mode though, again kills the child procs
at some point.
A steady stream of the running code may cause some disconnects.
It did not appear to be causing a global system DoS.

-----Original Message-----
From: Pavel Kankovsky [mailto:peak () argo troja mff cuni cz]
Sent: Tuesday, June 25, 2002 5:59 PM
To: vuln-dev () securityfocus com
Subject: Apache chunked encoding and Solaris/Sparc


Has anyone (besides the omnipotent Gobbles, of course) managed to harm
Apache running on Solaris/Sparc? As far as I can tell, Solaris
implementation of memcpy() does NOTHING when it gets a negative length,
and Solaris read() fails with EINVAL when the length is negative.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
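
The thread turns on a negative length reaching memcpy() and read(). As an added example (not code from the thread or from Apache), the C below shows what such a length becomes once converted to size_t, plus a hex chunk-size parser and a copy wrapper that reject it before any copy happens. The names parse_chunk_size, checked_copy and as_memcpy_length are hypothetical, and the inputs in main() are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper: parse a hex chunk-size token into an unsigned value.
 * Returns 0 on success, -1 on no hex digits or a value above max. */
int parse_chunk_size(const char *s, size_t max, size_t *out)
{
    size_t v = 0;
    int digits = 0;
    for (; *s; s++) {
        int d;
        if (*s >= '0' && *s <= '9')      d = *s - '0';
        else if (*s >= 'a' && *s <= 'f') d = *s - 'a' + 10;
        else if (*s >= 'A' && *s <= 'F') d = *s - 'A' + 10;
        else break;                      /* chunk extension or line end */
        if ((size_t)d > max || v > (max - (size_t)d) / 16)
            return -1;                   /* v*16 + d would exceed max */
        v = v * 16 + (size_t)d;
        digits++;
    }
    if (digits == 0) return -1;
    *out = v;
    return 0;
}

/* Hypothetical helper: copy only when len is non-negative and fits dst. */
int checked_copy(void *dst, size_t dst_size, const void *src, long len)
{
    if (len < 0 || (size_t)len > dst_size) {
        errno = EINVAL;
        return -1;
    }
    memcpy(dst, src, (size_t)len);
    return 0;
}

/* The length an unchecked memcpy() would receive for a signed value. */
size_t as_memcpy_length(long len) { return (size_t)len; }

int main(void)
{
    size_t n = 0; char buf[16];          /* constructed sample buffer */
    printf("(size_t)-1 = %zu\n", as_memcpy_length(-1));
    printf("parse ffffffff -> %d\n", parse_chunk_size("ffffffff", sizeof buf, &n));
    printf("copy len -1 -> %d\n", checked_copy(buf, sizeof buf, "abcd", -1));
    return 0;
}
```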

