Red Hat Bugzilla – Bug 97922
mod_rewrite gets stuck in an infinite loop and causes httpd to chew resources until it is killed by the kernel
Last modified: 2007-03-27 00:07:20 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR
1.0.3705; .NET CLR 1.1.4322)
Description of problem:
If a user creates a .htaccess file of the appropriate type, please email me
directly for an example, it will result in an infinite loop and the end result
will be a runaway httpd process taking all the CPU time it can get and an ever
increasing amount of memory before the kernel kills it.
Adding the following to the .htaccess file will prevent it:
But this is supposedly a default value according to:
I presume this will also affect other (newer) versions of RedHat but I won't
have the chance to test this until this evening with 7.3 at home.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create appropriate .htaccess file
2. Request a page in IE/Mozilla
Actual Results: Server load goes out of control until the kernel kills the
process in question. Multiple requests = multiple processes and a big mess.
Expected Results: mod_rewrite should have detected the loop and returned an
Internal Server Error
This bug will only be exploitable if a custom Apache configuration is used as
the default configuration prevents use of .htaccess files for overriding
I've just realised that MaxRedirects is listed as supported in Apache 1.3.28
and above. As this provides means for a DOS attack I believe RedHat should
release an errata with the newer version of Apache and hence this support, and
the default value.
We did release an errata that included the new directive. See: