Re: Novell NetWare webservers DoS

From: Artur Urbanowicz (ARTURat_private)
Date: Thu Jun 17 1999 - 09:10:48 PDT

Next message: acpizer: "Re: tcpdump 3.4 bug?"

Previous message: eEye - Digital Security Team: "Filter Patch for .HTR requests... keeps sever functionality."
Maybe in reply to: Przemyslaw Frasunek: "Novell NetWare webservers DoS"
Next in thread: Przemyslaw Frasunek: "Re: Novell NetWare webservers DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Przemyslaw Frasunek <venglinat_private> writes:
> [...]
>               Novell NetWare webservers remote denial of service
>                        <venglinat_private>
> [...]
>   - Novell NetWare ?.? with YAWN/1.05 (crc:E8B0):
>     Webserver crash.
>
>   - Novell NetWare 3.12 with YAWN/1.05 (crc:E8B0):
>     No problems.
>
>   - Novell NetWare 4.11 with YAWN/1.05 (crc:E8B0):
>     No problems.
> [...]
>  ./www copernicus.9lo.lublin.pl 80 10 10000
> [...]

I have tested your exploit on Yawn HTTPD in various environment
(NetWare 3.11, 3.12, 4.10, 4.11) and I'm quite sure the program
should not crash the NetWare with my web server on the top.
Can anybody correct me or provide additional information?

Regards,
Artur Urbanowicz

Next message: acpizer: "Re: tcpdump 3.4 bug?"
Previous message: eEye - Digital Security Team: "Filter Patch for .HTR requests... keeps sever functionality."
Maybe in reply to: Przemyslaw Frasunek: "Novell NetWare webservers DoS"
Next in thread: Przemyslaw Frasunek: "Re: Novell NetWare webservers DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:49:54 PDT