[5887] in bugtraq


Re: Apache DoS attack?

daemon@ATHENA.MIT.EDU (Mark Lowes)
Tue Dec 30 14:18:30 1997

Date: 	Tue, 30 Dec 1997 11:59:55 GMT
Reply-To: markl@ftech.net
From: Mark Lowes <markl@FTECH.NET>
X-To: Michał Zalewski <lcamtuf@POLBOX.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <01bd150a$adb1aa40$987c74c3@lcamtuf>


On Tue, 30 Dec 1997 11:07:04 +0100, you wrote:

>[excuse me if it has been discovered before]

First I've heard.

>Here's a simple exploit for Apache httpd version 1.2.x (tested on 1.2.4).
>When launched, it causes increases in the victim's load average and extreme
>slowdowns of disk operations. On my i586 Linux, an annoying slowdown was
>experienced immediately (after maybe 5 seconds). After about 4 minutes,
>work had turned into real hell (286?).

Ok, here's an initial patch. I'm sure someone will come up with something
better and more efficient, but it works. :)

        Mark

--
+--------------------------------------------------------------------+
| Frontier Internet Services Ltd - Disclaimer;                       |
|                                                                    |
| All statements made and agreements come to by means of email are   |
| at all times subject to Frontier's Terms and Conditions of service |
| and product descriptions / sales literature. Representations made  |
| above and beyond those contained there in are not to be relied     |
| upon and are at no time contractually binding.                     |
+--------------------------------------------------------------------+

[Attachment: beck.patch (application/octet-stream, base64-encoded)]

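The attached beck.patch, once decoded, adds to http_protocol.c a loop over r->uri that counts consecutive '/' characters and, when a run reaches six, rewrites the URI to "/" before the rest of request processing runs. Below is an added example (not Mark's patch and not Apache code) of that check as a stand-alone function: a single-pass scan of the request URI, with the threshold as a parameter, offered both in the patch's rewriting form and in a stricter form that leaves the URI alone and tells the caller to reject the request; the sample URIs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum uri_verdict { URI_OK = 0, URI_REJECT = 1 };

/* Length of the longest run of consecutive '/' characters in uri.
 * One pass over the string; the length is never recomputed per byte. */
size_t longest_slash_run(const char *uri)
{
    size_t run = 0, longest = 0;
    for (; *uri != '\0'; uri++) {
        if (*uri == '/') {
            if (++run > longest)
                longest = run;
        } else {
            run = 0;
        }
    }
    return longest;
}

/* Stricter variant: do not touch the URI, just report whether the request
 * should be answered with an error (e.g. 400) instead of being served. */
enum uri_verdict check_uri(const char *uri, size_t max_run)
{
    return longest_slash_run(uri) >= max_run ? URI_REJECT : URI_OK;
}

/* Rewriting variant, mirroring the patch's behaviour: once a run of
 * max_run slashes is seen, collapse the whole URI to "/" in place.
 * Returns 1 if the URI was rewritten, 0 if it was left unchanged. */
int collapse_uri(char *uri, size_t max_run)
{
    if (longest_slash_run(uri) >= max_run) {
        uri[0] = '/';
        uri[1] = '\0';
        return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed samples: an ordinary request path and an abusive one. */
    char normal[] = "/cgi-bin/test.pl";
    char abusive[] = "/a////////////////////////////b";
    printf("%s -> run %zu, verdict %d\n", normal, longest_slash_run(normal), check_uri(normal, 6));
    printf("%s -> run %zu, verdict %d\n", abusive, longest_slash_run(abusive), check_uri(abusive, 6));
    collapse_uri(abusive, 6);
    printf("after collapse: %s\n", abusive);
    return 0;
}
```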
