[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webappsec
Subject:    Re: Apache Killer - take 2?
From:       Damiano Bolzoni <damiano.bolzoni () utwente ! nl>
Date:       2012-01-23 14:02:17
Message-ID: 4F1D6869.9040604 () utwente ! nl
[Download RAW message or body]

On 1/23/12 2:40 PM, Anestis Bechtsoudis wrote:

> Apache byte-range killer use many small byte-range chunks in a single
> request. So no, your attached request is not related to such an attack.

You are right, I didn't write it down properly...what I meant is
"doesn't it look like a clumsy way to exhaust resources (due to the +inf
number that should result from 1024/-1)".

> At latest Apache stable release (2.2.21) -1 is not a valid
> entity-length, 

Perhaps another web server is vulnerable? This kind of "checks" are
usually performed randomly by scanners...

It just really weird that a client sends that header value, I searched
around but couldn't find any other example...

cheers

-- 
Dr. Damiano Bolzoni

damiano.bolzoni@utwente.nl
Homepage http://dies.ewi.utwente.nl/~bolzonid/
PGP public key http://dies.ewi.utwente.nl/~bolzonid/public_key.asc
Skype ID: damiano.bolzoni@utwente.nl

Distributed and Embedded Security Group - University of Twente
P.O. Box 217 7500AE Enschede, The Netherlands
Phone +31 53 4893744
Mobile +31 629 008724
ZILVERLING building, room 3015



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[prev in list] [next in list] [prev in thread] [next in thread]