Hello.
I have found something interesting that can kill the server. I'm not sure if this is
because of Apache or PHP. If you use PHP to send a header() inside of a while loop,
the httpd process will begin to use massive CPU and Memory until it is killed, or the
server is killed. Here is what I used:
<?
while(0<1) {
header("A");
}
?>
We have tested this on apache 1.3.22, and apache 2.0.35, using php 4.1.2 and 4.2.0RC4.
It was able to completly kill our servers (not apache, the entire server). The loads
of the server will reach 50+. I have contacted apache about this and they said that it
is PHP related.
Dustin E. Childers
Security Administrator. CEO, Digitux Security, Inc.
http://www.digitux.net/
