[UNIX] PHP / Apache DoS (Resource Consumption)
From: SecuriTeam (support_at_securiteam.com)
Date: 05/23/04
- Previous message: SecuriTeam: "[NT] BNBT BitTorrent Tracker DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 23 May 2004 14:56:17 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
PHP / Apache DoS (Resource Consumption)
------------------------------------------------------------------------
SUMMARY
PHP hosting on Apache has become very common. A denial of service attack
against the web server can be mounted with a trivial PHP script requested
through the server's normal HTTP interface (NOTE: the attacker must be able
to place a PHP file on the target host, for example as the customer of a
shared-hosting account; the attack cannot be launched from a purely remote
position).
DETAILS
PHP offers several ways for a script to connect to a remote site and fetch
content: fopen() with the http:// URL wrapper (when allow_url_fopen is
enabled), fsockopen(), and third-party extensions such as the popular curl.
Many ISPs, including some free web page providers, leave at least one of
these available to their customers.
A script that uses one of these functions to request its own URL creates an
endless loop of requests: the Apache child serving the script blocks while it
waits for a second child to answer, and that second child runs the same
script and issues a third request. Even with the script timeout
(max_execution_time) set to 30 seconds this yields a denial of service of
both PHP and the web server itself (in this case Apache): on Unix the script
timeout does not count time spent blocked in stream I/O, so each wait is
bounded only by default_socket_timeout (60 seconds by default), and the pool
of Apache children is exhausted well before that.
Example:
Create a file called, for example, loop.php containing the following code:

    <?php
    // Requests its own URL: the Apache child serving this request blocks until
    // a second child answers, and that child runs the same script again.
    fopen("http://127.0.0.1/loop.php", "r");
    ?>

replacing 127.0.0.1/loop.php with the location where you have uploaded the
script. Then all you have to do is open the page once in a web browser.
Apache is left unable to serve any further requests and the process
eventually crashes.
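As an added example (not part of the SecuriTeam advisory or the reporter's code), the following PHP 7+ script audits a hosting server for the three outbound routes named above and for the socket timeout that actually bounds the blocked workers. Run it from the command line under the same php.ini the web server uses. The directive names are standard php.ini settings; the 10-second threshold for default_socket_timeout and the recommended hardening values are this example's own assumptions.

```php
<?php
// Added hardening audit for the PHP self-request DoS. Reports whether a tenant's
// script could still open outbound HTTP connections via URL wrappers (fopen),
// raw sockets (fsockopen / stream_socket_client) or the curl extension, and
// whether default_socket_timeout leaves blocked Apache workers held for long.

function disabled_functions(): array
{
    // disable_functions is a comma-separated list; entries may carry whitespace.
    $raw = (string) ini_get('disable_functions');
    return array_values(array_filter(array_map('trim', explode(',', $raw))));
}

function function_is_callable(string $name): bool
{
    // function_exists() already returns false for functions named in
    // disable_functions; the explicit list check is kept as belt and braces.
    return function_exists($name) && !in_array($name, disabled_functions(), true);
}

function audit_outbound_http(): array
{
    $findings = [];

    // Route 1: fopen("http://...") only works when allow_url_fopen is on.
    if (filter_var(ini_get('allow_url_fopen'), FILTER_VALIDATE_BOOLEAN)) {
        $findings[] = 'allow_url_fopen is On: fopen()/file_get_contents() accept http:// URLs';
    }

    // Route 2: raw TCP clients work regardless of allow_url_fopen.
    foreach (['fsockopen', 'pfsockopen', 'stream_socket_client'] as $fn) {
        if (function_is_callable($fn)) {
            $findings[] = "$fn() is callable: scripts can open raw TCP connections";
        }
    }

    // Route 3: the curl extension.
    if (function_is_callable('curl_init')) {
        $findings[] = 'curl_init() is callable: the curl extension can fetch URLs';
    }

    // On Unix max_execution_time ignores time spent blocked in stream I/O, so the
    // wait on the recursive request is bounded by default_socket_timeout instead.
    // 10 seconds is an assumed threshold, not a value from the advisory.
    $sockTimeout = (int) ini_get('default_socket_timeout');
    if ($sockTimeout <= 0 || $sockTimeout > 10) {
        $findings[] = sprintf(
            'default_socket_timeout is %d: blocked workers are held for a long time',
            $sockTimeout
        );
    }

    return $findings;
}

$findings = audit_outbound_http();
if ($findings === []) {
    echo "No outbound HTTP route is available to PHP scripts on this host.\n";
} else {
    echo "Residual exposure:\n";
    foreach ($findings as $f) {
        echo "  - $f\n";
    }
    // Assumed hardening values for a shared-hosting php.ini.
    echo "\nSuggested php.ini hardening:\n";
    echo "  allow_url_fopen = Off\n";
    echo "  disable_functions = fsockopen,pfsockopen,stream_socket_client,curl_init,curl_exec,curl_multi_init\n";
    echo "  default_socket_timeout = 10\n";
}
```

Note that disabling these functions does not stop a tenant from exhausting the worker pool by other means (for example an external client issuing many slow requests); it only removes the single-request self-recursion the advisory describes. Tightening default_socket_timeout limits how long each trapped child is held, which shortens the outage but does not prevent it.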
ADDITIONAL INFORMATION
The information has been provided by
<mailto:brereton_paul@btinternet.com> Paul Brereton.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.