Re: Sample DOS against the Sambar HTTP-Server

[syz () DDS NL (syz)]

I've tested it on sambar 4.2.1 and it's indeed
GET  HTTP/1.0 to crash the sambar server.

Steve wrote:

> On Mon, Oct 04, 1999 at 12:58:40AM -0000, Dennis Conrad wrote:
> > #!/usr/bin/perl
> >
> > #########
> > # Sample DOS against the Sambar HTTP-Server
> [snip]
> > print $remote "GET " . "X" x 99999999999999999999 . " HTTP/1.0\n\n";
>
> Using that many 9s on my version of Perl fails silently. The above
> seems equivalent to: print $remote "GET  HTTP/1.0\n\n";
>
> > steve@grok:/home/steve% perl -e 'print "X"x99999999999999999999;'
> > steve@grok:/home/steve% perl -e 'print "X"x99999999999999999999 || die;'
> Died at -e line 1.
> > steve@grok:/home/steve% perl -v
>
> This is perl, version 5.005_03 built for i386-freebsd
> [etc.]
>
> I don't have a Sambar HTTP server to test against but it seems clear
> that the code won't work the way the author expected. Perl doesn't
> even try to build a string that long. If it did it would run out of
> memory and then fail.
>
> I conclude that the script as posted will not DoS the server even if
> it is vulnerable, unless a simple "GET  HTTP/1.0" triggers the DoS.
>
> I suggest that until the nature of the DoS is clarified anyone using
> the script to test their own server should try it as-is, then try it
> with fewer 9s (probably 9999 or 99999, maybe more if it's a resource
> exhaustion DoS).