Re: Web servers / possible DOS Attack / mime header flooding
daemon@ATHENA.MIT.EDU (Daniel Leeds)
Thu Sep 3 18:40:26 1998
Date: Thu, 3 Sep 1998 14:51:42 -0700
Reply-To: dleeds@dfacades.com
From: Daniel Leeds <dleeds@DFACADES.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <B0000007638@bastard.chugaboom.net>
IIS on NT 4.0 SP3, and the stock Windows 98 HTTP server, appear to be immune.
However, some other third-party products appear vulnerable.

UnityMail 2.0 for 95/NT *IS* vulnerable to the DoS. CPU load forks to 100%;
the system is usable, however all access to the UnityMail administrative web
server is hung.

The above is probably not a huge deal, other than annoying mailing list admins
who want to access their lists via the web admin, but I think it's probably
illustrative of a wider scope: how many other administrative web interfaces,
commercial HTTP servers, etc. are vulnerable to this denial of service?
On 03-Sep-98 Rich Wood wrote:
> On 3 Sep 98, at 12:34, Laurent FACQ wrote:
>> # => by sending a crazy amount of 8000 bytes headers, it's possible
>> # to consume a lot of memory (and of course CPU). The point
>> # is that httpd daemons grow and STAY at this big size (or die
>> # if you send too much)
>
> Tried against Apache 1.3.1 on FreeBSD 2.2.6 (DX2-66 16Mb), script hung
> after 2500 headers with Apache using 30Mb.
>
> Tried against Apache 1.3.1 on NT4 (workstation) SP3 (P200 64Mb), after
> 7500 headers, Apache was using 120Mb RAM and the box ground to a halt.
>
> It didn't actually crash Apache on either box, but severely reduced the
> usefulness of the systems.
>
> Rich
> --
> Rich Wood
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Daniel Leeds Systems Administrator
dleeds@dfacades.com DigitalFacades
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
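The failure the thread describes is a server that keeps buffering header lines without bound, so the process grows with every 8000-byte field the client sends. The defence is to cap both the number of header fields and the size of each one and to stop reading the moment a cap is hit. The following is an added example illustrating that defence; it is not code from the original post, from Apache, or from any product named in the thread. The limit values, the `read_headers` and `simulate` function names, and the `RepeatingHeaderStream` stand-in for a client socket are all assumptions made for the example; the defaults (100 fields, 8190 bytes per field) are chosen to match the `LimitRequestFields` and `LimitRequestFieldSize` directives that later Apache releases added.

```python
"""Bounded HTTP request-header reader (added example, not the thread's code).

Caps the number of header fields and the size of each one, and stops reading
as soon as a cap is exceeded, so thousands of 8000-byte headers cannot make
the server process grow. Limits are assumed values matching later Apache
defaults (LimitRequestFields 100, LimitRequestFieldSize 8190).
"""

MAX_FIELDS = 100        # assumed cap on header lines per request
MAX_FIELD_SIZE = 8190   # assumed cap on bytes per header line, CRLF included


class HeaderLimitExceeded(Exception):
    """Raised as soon as a request exceeds a header limit."""


def read_headers(stream, max_fields=MAX_FIELDS, max_field_size=MAX_FIELD_SIZE):
    """Read a request line and header fields from a binary stream.

    Returns (request_line, [(name, value), ...]). Raises HeaderLimitExceeded
    if any line is longer than max_field_size or more than max_fields header
    lines arrive. Each readline() is bounded to max_field_size + 1 bytes, so
    an oversized line is rejected after reading only that much of it.
    """
    request_line = stream.readline(max_field_size + 1)
    if len(request_line) > max_field_size:
        raise HeaderLimitExceeded("request line too long")
    fields = []
    while True:
        line = stream.readline(max_field_size + 1)
        if len(line) > max_field_size:
            raise HeaderLimitExceeded("header field too long")
        if line in (b"", b"\r\n", b"\n"):   # EOF or blank line ends the headers
            break
        if len(fields) >= max_fields:
            raise HeaderLimitExceeded("too many header fields")
        name, sep, value = line.partition(b":")
        if not sep:
            raise ValueError("malformed header line: %r" % line[:40])
        fields.append((name.strip().lower(), value.strip()))
    return request_line.rstrip(b"\r\n"), fields


class RepeatingHeaderStream:
    """Constructed stand-in for a client socket: one request line, then
    `count` copies of `header_line`, then the blank terminator. It never
    materialises the whole request and records how many bytes were read."""

    def __init__(self, request_line, header_line, count):
        self.buf = request_line
        self.header_line = header_line
        self.remaining = count
        self.terminated = False
        self.bytes_served = 0

    def _refill(self):
        if self.remaining > 0:
            self.remaining -= 1
            return self.header_line
        if not self.terminated:
            self.terminated = True
            return b"\r\n"
        return b""

    def readline(self, limit=-1):
        if not self.buf:
            self.buf = self._refill()
        if not self.buf:
            return b""
        nl = self.buf.find(b"\n")
        end = len(self.buf) if nl < 0 else nl + 1
        if limit >= 0:
            end = min(end, limit)          # honour the caller's byte bound
        out, self.buf = self.buf[:end], self.buf[end:]
        self.bytes_served += len(out)
        return out


def simulate(n_headers, header_size, max_fields=MAX_FIELDS, max_field_size=MAX_FIELD_SIZE):
    """Feed a constructed request of n_headers lines, each header_size bytes,
    through read_headers; return (outcome, bytes the server had to read)."""
    pad = b"X-Pad: " + b"A" * (header_size - 9) + b"\r\n"   # exactly header_size bytes
    stream = RepeatingHeaderStream(b"GET / HTTP/1.0\r\n", pad, n_headers)
    try:
        _, fields = read_headers(stream, max_fields, max_field_size)
        return "accepted %d fields" % len(fields), stream.bytes_served
    except HeaderLimitExceeded as exc:
        return str(exc), stream.bytes_served


if __name__ == "__main__":
    print(simulate(5, 100))        # ordinary request: accepted
    print(simulate(7500, 8000))    # the reported traffic shape: rejected after 101 lines
    print(simulate(1, 9000))       # one oversized line: rejected after 8191 bytes
```

The point to take from `simulate(7500, 8000)` is the second value: the reader consumes a little over 800 KB before refusing the request, instead of the 60 MB the same request would push into an unbounded server, and the bound holds regardless of how many more headers the client is prepared to send.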