Bugtraq mailing list archives

Re: IBM HTTP SERVER / APACHE (DoS)

From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Thu, 1 Jun 2000 10:36:09 -0500


Hi,

I could not reproduce the crash detailed below, but have been seeing
some odd inconsistent behavior when requesting URLs like:

/DIR/%2e%2e%2e%2e/%2f - would sometimes return double HTTP headers ???

Another interesting tidbit; the Win32 server sees the con/aux/com1
devices and attempting to request them gives a 403 Access Denied.  It
also seems to dislike <> chars in the requests...

-HD

I wrote:
[ snip ]

and the server told me /DIR/... was not found...
And finally I tried:

        GET /DIR/%2e%2f%2e%2e%2e HTTP/1.0

And the server simple crashed, burned, and stopped accepting
connections.  Whether the DoS was triggered by the earlier request
containing the null character or the single %2e%2f sequence is unknown.
Since I did not have access to the test machine's console, I dont know
what the impact besides the obvious DoS is...

Current thread:

Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- Re: IBM HTTP SERVER / APACHE (DoS) H D Moore (Jun 01)
- [rootshell.com] Xterm DoS Attack Kit Knox (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Michael Jennings (Jun 01)
  - Re: [rootshell.com] Xterm DoS Attack Walt (Jun 01)
    - Re: [rootshell.com] Xterm DoS Attack Soeren Staun-Pedersen (Jun 02)
    - Insecure encryption in PassWD v1.2 Daniel Roethlisberger (Jun 03)
    - Re: [rootshell.com] Xterm DoS Attack Wakko Ellington Warner-Warner III (Jun 04)
    - Linux-Mandrake Xlockmore security update Chmouel Boudjnah (Jun 04)
    - Microsoft BackOffice component: adredir.asp Michal Zalewski (Jun 03)
  - Re: [rootshell.com] Xterm DoS Attack Darren Reed (Jun 02)
    - Re: [rootshell.com] Xterm DoS Attack gavina () CSIS GVSU EDU (Jun 02)

(Thread continues...)