Re: Apache Exploit

From: Michal Zalewski (
Date: 06/21/02

Date: Thu, 20 Jun 2002 18:43:49 -0400 (EDT)
From: Michal Zalewski <>
To: Randy Taylor <>

On Thu, 20 Jun 2002, Randy Taylor wrote:

> Yep it works. Not only that, but preliminary indications are that those
> OS'es not specifically supported in the GOBBLES 'sploit can be DOS'ed by
> it. I've totally hosed RH Linux and FreeBSD boxen with it so far.

How come? At worst, Apache child on Linux should segfault and be restarted
(which is a bit resource- and time-expensive operation, but no biggie).
Perhaps you just DoSed it on TCP level? Or some other symptoms? Just

Michal Zalewski [] [security]
[] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=