DoS for the iPlanet Web Server, Enterprise Edition 4.1

[ohki () LAC CO JP (-Eiji Ohki-)]

Hello,

I could find out the denial of service effected to iPlanet
Web Server, Enterprise Edition 4.1 on Linux 2.2.5(Redhat6.1J;
Kernel 2.2.12).

When I tried to send the request "GET" of seven hundred times
your product consumed all memory resouce and karnel paniced.
The size of GET command to your product was about a couple of
thousands.

But I could not find out any problem when I gave same situation
to the Enterprise Server International Edition 3.6SP2 on
Solaris 2.6J (Sparc), the Enterprise Server 3.6SP3 on Solaris
2.6J (Sparc) , the iPlanet Web Server, Enterprise Edition 4.0SP3
on Solaris 2.6J (Sparc) and the Apache httpd on Redhat6.1J.

For example, Apache is able to refuse the attack of DoS, when
the maximam number of fork() is defined propery.
Does this product do nothing?

I have posted this problem to Netscape by input-form on the web.
BUT I have no response from them for three weeks.
So I have sent to the staff of Netscape who use his influence
for me by Feb 18th. BUT he reply me NOTHING yet. They ignore me?

My original message to Netscape is follows.
(I typed and chose on the Web of Netscape.)
> ------------------------------
> From: ohki () lac co jp
> Subject: Denial of Service for the iPlanet Web Server, Enterprise Edition 4.1
>
>    Submitter name:                Eiji Ohki
>    Submitter email address:       ohki () lac co jp
>    Acknowledgement checkbox:      on
>    Product:                       Enterprise Server
>    Version:                       4.1
>    Operating system:              Unix: Sun Solaris 2.x
>    OS version:                    Linux 2.2.5(Redhat6.1J;Kernel 2.2.12
>    Issue summary:                 Denial of service effected to Enterprise Server4.1.
>
> Issue details:
> Dear Sir/Madame,
>
> Hello,
>
> I could find out the denial of service effected to iPlanet
> Web Server, Enterprise Edition 4.1 on Linux 2.2.5(Redhat6.1J;
> Kernel 2.2.12).
>
> When I tried to send the request "GET" of seven hundred times
> your product consumed all memory resouce and karnel paniced.
> The size of GET command to your product was about a couple of
> thousands.
>
> But I could not find out any problem when I gave same situation
> to the Enterprise Server International Edition 3.6SP2 on
> Solaris 2.6J (Sparc), the Enterprise Server 3.6SP3 on Solaris
> 2.6J (Sparc) , the iPlanet Web Server, Enterprise Edition 4.0SP3
> on Solaris 2.6J (Sparc) and the Apache httpd on Redhat6.1J.
>
> Do you have any solutions about this problem ?
> For example, Apache is able to refuse the attack of DoS, when
> the maximam number of fork() is defined propery.
> By the way, I saw this problem is very informative.
> So can I post this isssue to Bugtraq and Bugtraq-JP?
>
>
>
>    Severity:                      Server computer hangs/crashes
>    Can reproduce?:                Yes, Always
>
> Additional computer info:
> CPU:Celeron333MHz
> HD:4.3GB(total), 44% in use.
> Swap:150MB
> No XWindow
>
> ps.This input form do not have selection of OS "Linux".
>     So I chose "Unix:Sun Solaris2.x" unwillingly.
>     I think I have to  choose "Linux: Redhat" or "PC-Unix: Linux".
>
>
> This form was submitted from http://help.netscape.com/forms/bug-server.html
> with Mozilla/4.7 [ja] (WinNT; I).
> ------------------------------

Regards,
Eiji Ohki

 E I J I  O H K I
 ohki () lac co jp
 http://www.lac.co.jp/security/