(Additional Information) Re: Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
|
|
SecurityTracker Alert ID: 1001317 |
|
SecurityTracker URL: http://securitytracker.com/id/1001317
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Apr 16 2001
|
Impact:
Denial of service via network
|
|
|
Description:
Apache web server for Win32 reportedly contains a vulnerability that allows remote users to crash the server application and may allow for execution of arbitrary code.
This vulnerability is reported to exist in versions 1.3.14 and 1.3.15 (default installation) on Windows 98SE and Windows 2000 SP1. When a remote user sends a string of 8192 characters, "(http command) <space> string 0d 0a", the server will crash. The user reports that it may be possible to insert executable shell code into the string and that it may be possible to open many connections to cause the server to consume all resources.
It is also reported that Apache does not log theese requests.
|
Impact:
A remote user can cause the server application to crash.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.apache.org/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Mon, 16 Apr 2001 00:44:38 +0200
Subject: Re: Apache Win32 8192 chars string bug: LOG FILES EMPTY
|
I have forgotten the most important effect of the bug.
Apache don't register the attacker's request in the log files
(access and error DON'T report the string, the error or other information
about the event). This is very useful for the attacker for run remote
commands or open idle connections without the danger of be logged.
|
|
