Hi, 2008/11/20 Nico Golde <[EMAIL PROTECTED]>: > Hi, > * Raphael Geissert <[EMAIL PROTECTED]> [2008-11-20 09:32]: >> The following CVE (Common Vulnerabilities & Exposures) id was published for >> msp-webserver. >> >> CVE-2008-5160[1]: > [...] > > Did you manage to reproduce that? Not reproducible for me > with the unstable version.
No, I didn't have time to setup the server and attempt to reproduce it. But I did check the changelog and the patches being applied and found nothing relevant that could "fix" or prevent the issue. I have just tried to reproduce it and I succeeded. I made four fruitful attempts: 1. original exploit: nothing. 2. 200 requests: server segfaulted 3. 2000 requests: too many childs are spawned and they start eating the memory almost by 100MBs per sec. 4. 3000 requests: same as with the 2000 requests. Note that I had to run the exploit a couple of times to reproduce the issue triggered at 3, and when I tried to reproduce the segfault under gdb to get a backtrace I didn't succeed to reproduce it. > > Cheers > Nico > -- > Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF > For security reasons, all text in this mail is double-rot13 encrypted. > Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net Dan Quayle - "This President is going to lead us out of this recovery." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
