Security Forums

Chunked encoding - What is it?

b4rtm4n
Trusted SF Member
Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Posted: Mon Aug 12, 2002 9:09 pm    Post subject: Chunked encoding - What is it?

Hi,

Can anyone point out a URL or happen to have a detailed explanation on chunked encoding and how it can be exploited?

Chance for a few of you to show off here!!
ComSec
Trusted SF Member
Joined: 26 Jul 2002
Posts: 16777215

Posted: Mon Aug 12, 2002 10:33 pm

Chunked encoding is a means to transfer variable-sized units of data (called chunks) from a web client to a web server. There is an arithmetic error in the way Apache calculates the size of a buffer used to hold a chunk. The result is that Apache allocates a buffer that is too small, allowing an intruder to overflow the buffer.

Buffers used to store chunks are allocated on the heap, and therefore this vulnerability can be called a heap-based buffer overflow. Exploiting a heap-based buffer overflow to gain control of a system can sometimes be more difficult than exploiting other kinds of buffer overflows to gain control. However, the failure is more conducive to gaining control of the system than other typical heap-based buffer overflows.

Examples:

http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-039.php

http://www.debian.org/security/2002/dsa-133

http://www.suse.de/de/support/security/2002_22_apache.html

Also, here is a chunked scanner to test servers; it's free:

http://www.nstalker.com/defense/Apache-Chunked-Scanner.zip

ComSec
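Added example, not part of the original posts and not Apache's code: a strict parser for the hex chunk-size line of a chunked body, plus a bounds check that avoids the general class of size-arithmetic mistakes the reply above describes. The function names and the `MAX_CHUNK` limit are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_CHUNK 65536u  /* assumed policy limit, not an Apache constant */

/* Parse the hex chunk-size line of an HTTP/1.1 chunked body
 * (e.g. "1a\r\n" or "400;ext=1\r\n").
 * Returns 0 and stores the size in *out, or -1 if the line is malformed,
 * would wrap size_t, or exceeds MAX_CHUNK. */
int parse_chunk_size(const char *line, size_t *out)
{
    size_t size = 0;   /* unsigned: a chunk size can never be negative */
    int digits = 0;

    for (; *line != '\0' && *line != '\r' && *line != ';'; line++, digits++) {
        unsigned d;
        if (*line >= '0' && *line <= '9')      d = (unsigned)(*line - '0');
        else if (*line >= 'a' && *line <= 'f') d = (unsigned)(*line - 'a') + 10;
        else if (*line >= 'A' && *line <= 'F') d = (unsigned)(*line - 'A') + 10;
        else return -1;                 /* rejects '-', '+', spaces, etc. */

        if (size > (SIZE_MAX - d) / 16) /* size*16 + d would wrap around */
            return -1;
        size = size * 16 + d;
        if (size > MAX_CHUNK)           /* enforce the limit digit by digit */
            return -1;
    }
    if (digits == 0)                    /* empty size field */
        return -1;
    *out = size;
    return 0;
}

/* Check that a chunk of `chunk` bytes fits in a buffer that already holds
 * `used` of `cap` bytes. Returns 0 if it fits, -1 otherwise. */
int chunk_fits(size_t used, size_t cap, size_t chunk)
{
    if (used > cap)
        return -1;
    /* Compare against the remaining space instead of computing
     * used + chunk, so a huge chunk value cannot wrap the sum. */
    return chunk <= cap - used ? 0 : -1;
}
```

A caller would run `parse_chunk_size` on each size line and `chunk_fits` before every copy into the receive buffer, dropping the connection on any -1.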
b4rtm4n
Trusted SF Member
Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Posted: Tue Aug 13, 2002 10:03 am

Brilliant! Thank you v much. Cool