Bugtraq: Re: Orange Web Server v2.1 DoS

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Orange Web Server v2.1 DoS

From: bert hubert <ahu () DS9A NL>
Date: Wed, 28 Feb 2001 01:11:34 +0100

On Tue, Feb 27, 2001 at 04:50:46AM -0000, slipy () B10Z NET wrote:

invalid page fault. This is a very strange DoS, see
example.

echo "GET A" | telnet 192.168.0.20 80

^^ = That simple echo & pipe will cause this:

ORANGEWEBSERVER caused an invalid page fault


This DoS is not so very strange, I've seen it a few times before. When
closing a TCP/IP connection very quickly after creating it, it is possible
for a server to try to send data to a closed connection repeatedly without
proper error checking (people don't expect a connection to die instantly
after it was created).

Under UNIX, you can catch or ignore SIGPIPE as a stopgap solution. Windows
will probably have something similar.

Regards,

bert

--
http://www.PowerDNS.com      Versatile DNS Services
Trilab                       The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

By Date By Thread

Current thread:

Orange Web Server v2.1 DoS slipy (Feb 27)
- Re: Orange Web Server v2.1 DoS bert hubert (Feb 28)