Re: Apache Exploit

From: Michal Zalewski (lcamtufat_private)
Date: Thu Jun 20 2002 - 15:43:49 PDT

  • Next message: Tina Bird: "Re: apache chunked encoding"

    On Thu, 20 Jun 2002, Randy Taylor wrote:
    
    > Yep it works. Not only that, but preliminary indications are that those
    > OS'es not specifically supported in the GOBBLES 'sploit can be DOS'ed by
    > it. I've totally hosed RH Linux and FreeBSD boxen with it so far.
    
    How come? At worst, Apache child on Linux should segfault and be restarted
    (which is a bit resource- and time-expensive operation, but no biggie).
    Perhaps you just DoSed it on TCP level? Or some other symptoms? Just
    curious.
    
    -- 
    _____________________________________________________
    Michal Zalewski [lcamtufat_private] [security]
    [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
    =-=> Did you know that clones never use mirrors? <=-=
              http://lcamtuf.coredump.cx/photo/
    



    This archive was generated by hypermail 2b30 : Thu Jun 20 2002 - 16:02:42 PDT