Date: Thu, 20 Jun 2002 13:53:28 -0700 (PDT)
From: Marc Slemko <marcs@znep.com>
To: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Apache root exploitable?
Message-ID: <Pine.BSF.4.20.0206201351370.38173-100000@alive.znep.com>
In-Reply-To: <20020620203212.GA56421@madman.nectar.cc>
On Thu, 20 Jun 2002, Jacques A. Vidrine wrote:

> On Thu, Jun 20, 2002 at 01:28:18PM -0700, Marc Slemko wrote:
> > > After all, even if it is `only' a DoS, it will probably get hit a
> > > lot once someone writes a Code Red-like worm for the Win32 version.
> > > History tells us that such worms don't bother to check the operating
> > > system or version that is running before attacking, and I would expect
> > > apache < 1.3.26 servers to experience a lot of downtime as a result.
> > > :-)
> >
> > It isn't a very serious DoS though.
>
> Code Red and friends didn't even tickle a bug (in non-Microsoft
> servers), yet choked many non-Microsoft down due to the sheer number
> of requests.

The vast majority of servers were not seriously impacted. Ones with large numbers of IP based virtual hosts were hit harder, but the typical server really wasn't impacted other than all the admins sending all sorts of mail to mailing lists saying "help me help me I'm under attack".

> A `Code Red for Win32 Apache Chunking' would probably
> not spread as much (unless there is way more Win32 Apache than I
> think), but the number of requests generated could still be large ---
> and have special impact on Apache < 1.3.26 servers.

The bug can be exploited on various Unix platforms as well.