Bugtraq mailing list archives
Re: YA Apache DoS attack
From: andik () ns upet ro (Kovacs Andrei)
Date: Sun, 16 Aug 1998 02:18:38 -0200
On Fri, 7 Aug 1998, Dag-Erling Coidan Smørgrav wrote:
There seems to be a simple way of badly DoSing any Apache server. It involved a massive memory leak in the way it handles incoming request headers. I based my exploit on the assumption that they use setenv() (which they don't) and that the bug occurs when you send a header that will end up as an environment variable if you request a CGI script (such as User-Agent), but I have since verified that there is no connection there. Anyway, you can blow Apache through the roof by sending it tons of headers - the server's memory consumption seems to be a steep polynomial of the amount of data you send it. Below is a snapshot of top(1) about one minute after I sent my server a request with 10,000 copies of "User-Agent: sioux\r\n" (totalling 190,016 bytes of data)
Today when I was looking at the Apache 1.3.1 help files I found a parameter that might stop this: "RLimitMem". I guess this should make Apache use only the amount of memory that you want it to.

Andy
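The request described in the quoted post grows server memory with every header line it sends, so one defence is to stop reading as soon as a per-request cap is breached. The sketch below is an added example, not code from either poster or from Apache; the function names, the cap values and the sample inputs are assumptions made for illustration.

```python
import io

MAX_FIELDS = 100        # header-line cap (value chosen for this example)
MAX_FIELD_SIZE = 8190   # bytes per header line (value chosen for this example)

class HeaderLimitExceeded(Exception):
    """Raised as soon as a request breaches a header cap."""

def read_headers(stream, max_fields=MAX_FIELDS, max_field_size=MAX_FIELD_SIZE):
    """Read header lines up to the blank line; reject on the first cap breach."""
    headers = []
    while True:
        # readline(n) returns at most n bytes, so one endless line cannot grow memory.
        line = stream.readline(max_field_size + 2)
        if not line.endswith(b"\n"):
            if len(line) >= max_field_size + 2:
                raise HeaderLimitExceeded("header line too long")
            raise ValueError("request ended before the blank line")
        field = line.rstrip(b"\r\n")
        if len(field) > max_field_size:
            raise HeaderLimitExceeded("header line too long")
        if not field:
            return headers
        if len(headers) >= max_fields:
            raise HeaderLimitExceeded("too many header fields")
        name, sep, value = field.partition(b":")
        if not sep:
            raise ValueError("malformed header line")
        headers.append((name.strip().decode("latin-1"), value.strip().decode("latin-1")))

def probe(payload):
    """Return (accepted, bytes_consumed) for a raw header block."""
    stream = io.BytesIO(payload)
    try:
        read_headers(stream)
        return True, stream.tell()
    except HeaderLimitExceeded:
        return False, stream.tell()

# Constructed sample inputs: a normal request and the repeated-header request from the post.
NORMAL = b"Host: example.test\r\nUser-Agent: sioux\r\n\r\n"
FLOOD = b"User-Agent: sioux\r\n" * 10000 + b"\r\n"

if __name__ == "__main__":
    print(probe(NORMAL))
    print(probe(FLOOD))
```

With these caps the reader gives up on the repeated-header request after the 101st line, so the amount of data it ever holds is bounded by the caps rather than by what the client sends.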