www/160247: Website vulnerability
Alvaro
gobledb at gmail.com
Sun Aug 28 01:10:09 UTC 2011
>Number: 160247
>Category: www
>Synopsis: Website vulnerability
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-www
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 28 01:10:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Alvaro
>Release: none
>Organization:
none
>Environment:
FreeBSD shuttle0.lan 9.0-BETA1 FreeBSD 9.0-BETA1 #4: Fri Aug 26 05:37:30 WEST 2011 netSys at shuttle0.lan:/usr/obj/usr/src/sys/GALILEO amd64
>Description:
The problem is on mod_deflate.
===>Action
> perl killapache.pl www.freebsd.org 50
host seems vuln
ATTACKING www.freebsd.org [using 50 forks]
Redhat reported this but is waiting for Apache Foundation
https://bugzilla.redhat.com/show_bug.cgi?id=732928
http://www.exploit-db.com/exploits/17696/
Note: PC-BSD has got a better security that OpenBSD (wtf) and FreeBSD (?)
> perl killapache.pl www.pcbsd.org 50
Host does not seem vulnerable
> perl killapache.pl www.openbsd.org 50
host seems vuln
ATTACKING www.openbsd.org [using 50 forks]
=====> References
http://www.dslreports.com/forum/r26243047-Apache-1.x-2.x-Range-header-security-issue
http://seclists.org/fulldisclosure/2011/Aug/175
Cheers!
>How-To-Repeat:
Download the scipt
Install devel/p5-Parallel-ForkManager
perl script_name.pl www.freebsd.org 50
>Fix:
Disable mod_deflate and wait Apache Foundation will correct it. (I think so)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-www
mailing list