** Changed in: apache2 (Debian)
Status: New => Fix Released
--
apache2 DoS attack using slowloris
https://bugs.launchpad.net/bugs/392759
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@list
The connlimit module in iptables is an excellent defence against Apache
Denial of Service attacks. However, since upgrading to Karmic, iptables
is no longer blocking simultaneous connections when requested for me.
I had previously been using:
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit
** Changed in: apache2 (Ubuntu)
Status: Confirmed => Triaged
--
** Changed in: apache2 (Debian)
Status: Confirmed => New
--
** Changed in: apache2 (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
** Changed in: apache2 (Ubuntu)
Assignee: (unassigned) => Dekar (dekar-wc3edit)
** Changed in: apache2 (Ubuntu)
Assignee: Dekar (dekar-wc3edit) => (unassigned)
** Changed in: apache2 (Ubuntu)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
Changing the priority doesn't really change the availability of a
solution. :) But I don't mind classifying it this way.
** Changed in: apache2 (Ubuntu)
Importance: Wishlist => High
--
Second this. This is a high priority security bug. You can't seriously
classify this as wishlist?!
--
Can't you at least change the importance level? It is way more important
than "wishlist", it is one of the worst things that could happen to a
fresh Ubuntu server installation! According to the guidelines it should
be high!
--
I'm not aware of a reasonable upstream solution to this yet; it is a
detectable, direct, denial of service, so there are methods that admins
can use to work around (iptables, etc).
--
Some comments:
- All Apache MPMs are affected. The sole exception may be if you use the
event MPM without SSL.
- The slowloris attack leaves plenty of error 400 entries in the access
log.
- Using iptables connlimit with a reasonable maximum number of
connections per IP (like 1/5 or 1/10 of what
** Changed in: apache2 (Debian)
Status: New => Confirmed
--
** Changed in: apache2 (Debian)
Status: Confirmed => New
--
** Bug watch added: Debian Bug tracker #533661
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533661
** Changed in: apache2 (Debian)
Importance: Undecided => Unknown
** Changed in: apache2 (Debian)
Status: New => Unknown
** Changed in: apache2 (Debian)
Remote watch: None => Debia
It is a serious remote denial of service! It can be used from a single
modem line and take down a whole server without generating any logfiles
except normal access logs. It's funny how you guys treat it as
"Wishlist" for three months even though it's one of the worst remote
denial of service attack
Apparently apache2-mpm-worker *is* the default choice of mpm, at least
some of the time (though the machine I first checked on had
apache-mpm-prefork, I am unsure why). My mistake, it would appear.
Using apache2-mpm-prefork would appear to be a viable workaround, unless
it leads to performance i
Dekar: Did you actually test this at all? Please provide some evidence
to support your claims.
You have said that you believe this issue is:
> A real problem, exploitable for many people in a default
> installation. Includes serious remote denial of services,
> local root privilege escalations,
high: A real problem, exploitable for many people in a default
installation. Includes serious remote denial of services,
local root privilege escalations, or data loss.
Thus it should be changed to HIGH and fixed ASAP!
** Also affects: apache2 (Deb
** Changed in: apache2 (Ubuntu)
Importance: Undecided => Wishlist
** Changed in: apache2 (Ubuntu)
Status: New => Confirmed
--
** Visibility changed to: Public
--