Date: Thu, 20 Jun 2002 15:32:12 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG> To: Marc Slemko <marcs@znep.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Apache root exploitable? Message-ID: <20020620203212.GA56421@madman.nectar.cc> In-Reply-To: <Pine.BSF.4.20.0206201327200.38173-100000@alive.znep.com> References: <20020620201509.GC56227@madman.nectar.cc> <Pine.BSF.4.20.0206201327200.38173-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 20, 2002 at 01:28:18PM -0700, Marc Slemko wrote: > > After all, even if it is `only' a DoS, it will probably get hit a > > lot once someone writes a Code Red-like worm for the Win32 version. > > History tells us that such worms don't bother to check the operating > > system or version that is running before attacking, and I would expect > > apache < 1.3.26 servers to experience a lot of downtime as a result. > > :-) > > It isn't a very serious DoS though. Code Red and friends didn't even tickle a bug (in non-Microsoft servers), yet choked many non-Microsoft down due to the sheer number of requests. A `Code Red for Win32 Apache Chunking' would probably not spread as much (unless there is way more Win32 Apache than I think), but the number of requests generated could still be large --- and have special impact on Apache < 1.3.26 servers. Cheers, -- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020620203212.GA56421>