Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 167103 - CAN-2005-2728 byterange memory DoS
CAN-2005-2728 byterange memory DoS
Status: CLOSED DUPLICATE of bug 167102
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: httpd (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
impact=moderate,public=20040707,sourc...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-30 07:47 EDT by Mark J. Cox
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-08-31 10:45:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Mark J. Cox 2005-08-30 07:47:08 EDT 
+++ This bug was initially created as a clone of Bug #167102 +++

A flaw was found in Apache 2.0 where the byterange filter would buffer responses
into memory.  This could cause a Denial of Service through memory leak if a
remote attacker sends carefully crafted requests to a web server that has a CGI
script which usually would give a large response.
Comment 2 Joe Orton 2005-08-30 08:23:40 EDT 
Note that this also affects any dynamic response generator such as PHP.
Comment 3 Mark J. Cox 2005-08-31 10:45:27 EDT 
Will be async, marking as dupe of RHEL4 bug

*** This bug has been marked as a duplicate of 167102 ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.