I can't see this being prevented anywhere in squid at the moment (quick
glance through the source here). Now that it's been on bugtraq, this is a
good time to fix (prevent) it.
David.
---------- Forwarded message ----------
Date: Mon, 10 Mar 1997 23:29:34 -0500
From: Christopher Blizzard <blizzard@APPLIEDTHEORY.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: Lynx/MSIE denial-of-service
In message <Pine.BSI.3.95.970310144258.7182A-100000@l0pht.com>, Doctor Who writes:
:Many systems run a service called "chargen" on port 19. It simply
:generates a never-ending stream of characters.
[...]
:A URL such as http://localhost:19 could cause the "flooding" damage to a
:system running lynx and chargen to occur almost instantly, because the
:characters would of course come at a much higher speed.
[...]
You can also create a serious DOS attack when this is combined with a proxy
server. Using the URL:
http://some.proxy.host/http://some.host.on.the.local.lan:19/
can bring some machines to a screaming halt.
--Chris
------------
Christopher Blizzard
AppliedTheory Communications, Inc.
blizzard@appliedtheory.com
------------
Received on Tue Jul 29 2003 - 13:15:40 MDT
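
A destination-port check of the kind a proxy could apply before forwarding a request, covering both URL forms quoted in the thread. This is an added example, not part of the original messages and not Squid's code; the port lists and the names `target_url` and `check_destination` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed policy for illustration (not taken from the post or from Squid).
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21, "gopher": 70}
SAFE_PORTS = {21, 70, 80, 443} | set(range(1025, 65536))
# Small TCP services; 19 (chargen) is the port named in the post.
BLOCKED_PORTS = {7: "echo", 9: "discard", 13: "daytime", 19: "chargen"}


def target_url(request_url):
    """Return the URL the proxy would fetch.

    Covers the form in the post, where the target rides in the path:
    http://proxy/http://target:19/
    """
    parts = urlsplit(request_url)
    inner = parts.path.lstrip("/")
    if urlsplit(inner).scheme.lower() in DEFAULT_PORTS and "://" in inner:
        return inner + ("?" + parts.query if parts.query else "")
    return request_url


def check_destination(request_url):
    """Return (allowed, reason) for the destination of a proxy request."""
    try:
        parts = urlsplit(target_url(request_url))
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed URL or port"
    if not parts.hostname:
        return False, "no destination host"
    if port is None:
        port = DEFAULT_PORTS.get(parts.scheme.lower())
    if port is None:
        return False, "unsupported scheme"
    if port in BLOCKED_PORTS:
        return False, f"port {port} ({BLOCKED_PORTS[port]}) is blocked"
    if port not in SAFE_PORTS:
        return False, f"port {port} is not on the safe list"
    return True, "ok"


# Constructed sample requests, including both URLs quoted in the post.
if __name__ == "__main__":
    for url in ("http://localhost:19",
                "http://some.proxy.host/http://some.host.on.the.local.lan:19/",
                "http://www.example.com/index.html"):
        print(url, "->", check_destination(url))
```

A port check only refuses known-bad destinations; a cap on response size or transfer time is a separate control for any source that never stops sending.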