Bugtraq mailing list archives

Re: Sample DOS against the Sambar HTTP-Server
From: conrad.d () GMX DE (Dennis Conrad)
Date: Sat, 9 Oct 1999 03:17:47 +0200


First of all: The DoS WORKS. Tod Sambar himself tested it and found
his server vulnerable. But: You're right Steve!

print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n";

There are too many 9s. My Perl (v.5005_02 running on Linux 2.2.12) only
prints a "GET<space><space>HTTP/1.0" as well. If you use a few 9s less,
you'll get an "Out of memory".

I'm really sorry about this, but I'm not an experienced programmer and
it was late at night when I threw this together.

> I conclude that the script as posted will not DoS the server even if
> it is vulnerable, unless a simple "GET  HTTP/1.0" triggers the DoS.

Well, it WILL DoS the server, but due to the lack of a Windows box I
can't say if there have to be two <space>s or one is enough.

> I suggest that until the nature of the DoS is clarified anyone using
> the script to test their own server should try it as-is, then try it
> with fewer 9s (probably 9999 or 99999, maybe more if it's a resource
> exhaustion DoS).

No, that definitely does NOT work.

Thanks to Steve for reporting this. My failure.

Please note that the version on http://www.sambar.com is STILL vulnerable
and there has been NO security advice by Tod Sambar!

\---------------------[ Dennis Conrad ]-----------------\
 \-------------------[ conrad.d () gmx de ]-----------------\
  \---------[ http://www.linuxstart.com/~dennis ]---------\

