Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: DoS in Apache 2.0.52 ?
From: Michal Zalewski <lcamtuf () ghettot org>
Date: Mon, 1 Nov 2004 16:38:42 +0100 (CET)

On Mon, 1 Nov 2004, Chintan Trivedi wrote:

GET / HTTP/1.0\n
[space] x 8000\n
[space] x 8000\n
[space] x 8000\n
.
.
8000 times

I created 25 threads (connections) and send the above request to one
webserver.

This is circa 1.5 GB of data (61 MB per connection), at which point you
probably either caused an (improperly configured) server to kill random
processes on OOM, or swapped it to death.

This seems to be a valid DoS, and Apache most certainly should refuse such
an attack (historically, they had several other header parsing flaws).
This attack is probably not particularly efficient, compared to, say, a
good old connection flood, should you have 1.6 GB of bandwidth to spare.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault