Displaying 2 results from an estimated 2 matches for "finrod".
Did you mean:
find
1998 Aug 08
0
Apache bug, eats memory...
....5 and 1.2.6 tested, 1.3 is vulnerable according
to Ben Laurie [Apache member]) doesn''t handle the case, when there are
a lot (say 10000) of "User-Agent:"-headers. (other headers could also
work!).
An exploit with source-code was posted on BugTraq.
excerpts from the mail by <finrod@EWOX.ORG>:
| There seems to be a simple way of badly DoSing any Apache server. It
| involved a massive memory leak in the way it handles incoming request
| headers. I based my exploit on the assumption that they use setenv()
| (which they don''t) and that the bug occurs when you send a h...
1998 Aug 02
0
ipportfw - security
...(1.2.5 and 1.2.6 tested, 1.3 is vulnerable according
to Ben Laurie [Apache member]) doesn't handle the case, when there are
a lot (say 10000) of "User-Agent:"-headers. (other headers could also
work!).
An exploit with source-code was posted on BugTraq.
excerpts from the mail by <finrod@EWOX.ORG>:
| There seems to be a simple way of badly DoSing any Apache server. It
| involved a massive memory leak in the way it handles incoming request
| headers. I based my exploit on the assumption that they use setenv()
| (which they don't) and that the bug occurs when you send a header...