httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44880] Program Apache 1.3.33 and before, for Windows systems, does not properly ignore certain characters that are received over a “? ” in URL, which could allow remote attackers to cause a denial of service.
Date Sat, 26 Apr 2008 12:39:36 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=44880


Jean François LECLERC <jean-francois.leclerc@orange.fr> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jean-
                   |                            |francois.leclerc@orange.fr
             Status|NEEDINFO                    |ASSIGNED




--- Comment #2 from Jean François LECLERC <jean-francois.leclerc@orange.fr>  2008-04-26
05:39:36 PST ---
I don't have more information. Only I know, http://127.0.0.1/?\x0A (it's a
"\n") cause a DoS (processor at 100% and RAM increased). 

Maybe there's a link with access.log and particulary ap_log_rerror function,
because use a "?" character in the url prevents to use this function (translate
url to unicode character before written event in access.log). so when I try
hexa characters in url (cause the DoS) and I try a new url with a ? and more,
for example : http://127.0.0.1/?<?%20echo%20"bonjour";%20?> no event is written
in access.log during the DoS, when it's stopped, the events will be written
again.

With http server apache 2.2, Apache add a "\" before \x0A, the result becomes
\\x0A in access.log and don't cause many problem


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message