RE: Apache chunked encoding and Solaris/Sparc

From: Robert Buckley (rbuckleyat_private)
Date: Wed Jun 26 2002 - 09:03:50 PDT

  • Next message: Laurentiu Nicula: "Re: Apache vulnerability checking"

    Ive tested Gobbles code against Solaris Sparc Solaris 8
    and it kills the child processes, leaving the single process running 
    as root alive. Connections from clients are still able to be created at this
    point.
    Running the exploit in brute force mode though, again kills the child procs
    at some point.
    A steady stream of the running code may cause some disconnects.
    It did not appear to be causing a global system DoS.
    
    -----Original Message-----
    From: Pavel Kankovsky [mailto:peakat_private]
    Sent: Tuesday, June 25, 2002 5:59 PM
    To: vuln-devat_private
    Subject: Apache chunked encoding and Solaris/Sparc
    
    
    Has anyone (besides the omnipotent Gobbles, of course) managed to harm
    Apache running on Solaris/Sparc? As far as I can tell, Solaris
    implementation of memcpy() does NOTHING when it gets a negative length,
    and Solaris read() fails with EINVAL when the length is negative.
    
    --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
    "Resistance is futile. Open your source code and prepare for assimilation."
    



    This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 19:28:18 PDT