[Snort-sigs] Anyone working on sigs for the Apache chunked encoding vulnerability?
mkettler at ...189...
Tue Jun 18 08:43:05 EDT 2002
I'm wondering if anyone has a bit more information on this vulnerability so
that we can start writing sigs for it.
Currently it looks like it's a DoS against any version of Apache on any
platform, and potentially exploitable on win32 and some 64bit platforms.
The available information I can find so far indicates a lot about the high
level structure of the problem, but so far (somewhat wisely) does not give
much exploit detail. Unfortunately lack of such detail makes signature
writing near impossible at this point, so I'm wondering if anyone has
stumbled across more information than I have.
This is Apache's announcement:
This is the ISS announcement (has some details Apache left out, but also
misses some things that Apache figured out):
More information about the Snort-sigs