Bugtraq mailing list archives
Re: IBM HTTP SERVER / APACHE (DoS)
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Thu, 1 Jun 2000 10:36:09 -0500
Hi,

I could not reproduce the crash detailed below, but have been seeing some odd inconsistent behavior when requesting URLs like:

/DIR/%2e%2e%2e%2e/%2f

- would sometimes return double HTTP headers ???

Another interesting tidbit; the Win32 server sees the con/aux/com1 devices and attempting to request them gives a 403 Access Denied. It also seems to dislike <> chars in the requests...

-HD

I wrote:
[ snip ]
and the server told me /DIR/... was not found...

And finally I tried:

GET /DIR/%2e%2f%2e%2e%2e HTTP/1.0

And the server simply crashed, burned, and stopped accepting connections. Whether the DoS was triggered by the earlier request containing the null character or the single %2e%2f sequence is unknown. Since I did not have access to the test machine's console, I don't know what the impact besides the obvious DoS is...
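
A log-side check for the request shapes mentioned in this thread (percent-encoded dots and slashes, runs of dots, a NUL byte, `<>` characters, Win32 device names), as an added example that is not part of the original posts. The names `classify`, `scan` and `SAMPLE_LOG` are hypothetical, the log lines are constructed, and the device list beyond con/aux/com1 is an assumption drawn from the standard Win32 reserved names.

```python
import re
from urllib.parse import unquote

# Win32 reserved device names; the thread mentions con, aux and com1.
DEVICES = {"con", "aux", "nul", "prn"} | {f"{p}{i}" for p in ("com", "lpt") for i in range(1, 10)}
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+)(?: HTTP/[\d.]+)?"')

def classify(target):
    """Return sorted reason tags for a raw (still percent-encoded) request target."""
    path = target.split("?", 1)[0]
    reasons = set()
    if re.search(r"%2e", path, re.I):
        reasons.add("encoded-dot")
    if re.search(r"%2f", path, re.I):
        reasons.add("encoded-slash")
    decoded = unquote(path)
    if "\x00" in decoded:
        reasons.add("nul-byte")
    if "<" in decoded or ">" in decoded:
        reasons.add("angle-bracket")
    for segment in decoded.split("/"):
        if len(segment) >= 3 and set(segment) == {"."}:
            reasons.add("dot-run")      # "..." or longer is not a valid dot-segment
        if segment.split(".", 1)[0].lower() in DEVICES:
            reasons.add("device-name")  # "aux" and "aux.txt" both name the device
    return sorted(reasons)

def scan(lines):
    """Return (target, reasons) for every log line whose request target is flagged."""
    hits = []
    for line in lines:
        match = REQUEST.search(line)
        if match and (reasons := classify(match.group("target"))):
            hits.append((match.group("target"), reasons))
    return hits

# Constructed sample lines in Common Log Format (documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jun/2000:10:36:09 -0500] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.11 - - [01/Jun/2000:10:36:12 -0500] "GET /DIR/%2e%2e%2e%2e/%2f HTTP/1.0" 200 512',
    '192.0.2.11 - - [01/Jun/2000:10:36:15 -0500] "GET /aux HTTP/1.0" 403 210',
    '192.0.2.11 - - [01/Jun/2000:10:36:19 -0500] "GET /DIR/%2e%2f%2e%2e%2e HTTP/1.0" 404 198',
]

if __name__ == "__main__":
    for target, reasons in scan(SAMPLE_LOG):
        print(target, reasons)
```
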