[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4E55FE55.4060003@fibertel.com.ar>
Date: Thu, 25 Aug 2011 04:48:37 -0300
From: root <root_@...ertel.com.ar>
To: Dan Kaminsky <dan@...para.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Apache Killer
On 08/25/2011 03:42 AM, Dan Kaminsky wrote:
> On Wed, Aug 24, 2011 at 10:52 PM, root <root_@...ertel.com.ar> wrote:
>
>>
>>> Seriously. This is Zalewski we're talking about. If you've extended his
>>> work, you're doing something right.
>>
>>
>> Or perhaps, not. Respectfully, fuck this elitist bullshit.
>> I'm sure you and your friend are good hard-working guys. But you should
>> not be the focus of every press release, specially if you didn't find
>> the damn bug.
>>
>>
> OK, so I looked into it.
>
> Zalewski's stuff in 2007 was about bandwidth amplification -- with a few
> requests, you could get a server to send you a truly enormous amount of
> data. Kingcope's attack shares the same vector (multiple range requests)
> but uses it entirely differently, not as a drain of bandwidth on the client
> but against memory on the server. Different DoS, same buggy code.
>
> Think of it like memory corruption -- in one person's hands, the daemon
> simply crashes. In another's, a reverse shell is born.
>
> I don't think the press has made Zalewski the focus, though. I looked at
> the various articles on Google News; here's the distribution of credit I
> see:
>
> Register: Credits both Kingcope and Zalewski by name
> Computerworld: Credits both Kingcope and Zalewski by name
> LWN/Apache: Credits neither, but links to Kingcope's post directly
> H-Online: Credits neither, but links to Kingcope's post directly
> ZDNet: Credits neither, but links to Kingcope's post directly
> Slashdot: Links to Kingcope's post directly, credits Zalewski by name
> CRN: Credits Kingcope exclusively
>
> For the record, it's a solid find.
>
Maybe I overreacted.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists