You are viewing a plain text version of this content. The canonical link for it is here.

Posted to c-dev@axis.apache.org by "Frederic Heem (JIRA)" <ji...@apache.org> on 2008/05/30 12:47:45 UTC

[jira] Created: (AXIS2C-1169) axis2_http_server denial of service

axis2_http_server denial of service
-----------------------------------

                 Key: AXIS2C-1169
                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
             Project: Axis2-C
          Issue Type: Bug
    Affects Versions: 1.4.0
         Environment: linux fc6
            Reporter: Frederic Heem
            Priority: Blocker


Use the following netcat command to trigger a 100% CPU for axis2_http_server:
nc 127.0.0.1 9090 < echoString.txt


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org

[jira] Updated: (AXIS2C-1169) axis2_http_server denial of service

Posted by "S.Uthaiyashankar (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/AXIS2C-1169?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

S.Uthaiyashankar updated AXIS2C-1169:
-------------------------------------

      Component/s: samples
    Fix Version/s: 1.6.0
         Assignee: S.Uthaiyashankar

> axis2_http_server denial of service
> -----------------------------------
>
>                 Key: AXIS2C-1169
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: samples
>    Affects Versions: 1.4.0
>         Environment: linux fc6
>            Reporter: Frederic Heem
>            Assignee: S.Uthaiyashankar
>             Fix For: 1.6.0
>
>         Attachments: echoString.txt
>
>
> Use the following netcat command to trigger a 100% CPU for axis2_http_server:
> nc 127.0.0.1 9090 < echoString.txt

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (AXIS2C-1169) axis2_http_server denial of service

Posted by "Dinesh Premalal (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/AXIS2C-1169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601440#action_12601440 ] 

Dinesh Premalal commented on AXIS2C-1169:
-----------------------------------------

Frederic, AFAIK axis2_http_server is a server that we (Axis2/C developers) use for testing purposes. That is not intended to use in production environment. I think that is why no body really look into this DOS issue before.

I would suggest you to go with mod_axis2 (Apache2) if you are planning to use Axis2/C in a production environment.

> axis2_http_server denial of service
> -----------------------------------
>
>                 Key: AXIS2C-1169
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
>             Project: Axis2-C
>          Issue Type: Bug
>    Affects Versions: 1.4.0
>         Environment: linux fc6
>            Reporter: Frederic Heem
>            Priority: Blocker
>         Attachments: echoString.txt
>
>
> Use the following netcat command to trigger a 100% CPU for axis2_http_server:
> nc 127.0.0.1 9090 < echoString.txt

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org

[jira] Resolved: (AXIS2C-1169) axis2_http_server denial of service

Posted by "S.Uthaiyashankar (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/AXIS2C-1169?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

S.Uthaiyashankar resolved AXIS2C-1169.
--------------------------------------

    Resolution: Fixed

Fixed in revision 731918. Caused by an endless-loop.

> axis2_http_server denial of service
> -----------------------------------
>
>                 Key: AXIS2C-1169
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: samples
>    Affects Versions: 1.4.0
>         Environment: linux fc6
>            Reporter: Frederic Heem
>            Assignee: S.Uthaiyashankar
>             Fix For: 1.6.0
>
>         Attachments: echoString.txt
>
>
> Use the following netcat command to trigger a 100% CPU for axis2_http_server:
> nc 127.0.0.1 9090 < echoString.txt

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (AXIS2C-1169) axis2_http_server denial of service

Posted by "Frederic Heem (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/AXIS2C-1169?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Frederic Heem updated AXIS2C-1169:
----------------------------------

    Attachment: echoString.txt

> axis2_http_server denial of service
> -----------------------------------
>
>                 Key: AXIS2C-1169
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
>             Project: Axis2-C
>          Issue Type: Bug
>    Affects Versions: 1.4.0
>         Environment: linux fc6
>            Reporter: Frederic Heem
>            Priority: Blocker
>         Attachments: echoString.txt
>
>
> Use the following netcat command to trigger a 100% CPU for axis2_http_server:
> nc 127.0.0.1 9090 < echoString.txt

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org

[jira] Updated: (AXIS2C-1169) axis2_http_server denial of service

Posted by "Dinesh Premalal (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/AXIS2C-1169?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dinesh Premalal updated AXIS2C-1169:
------------------------------------

    Priority: Major  (was: Blocker)

This is not a blocker for Axis2/C therefore I'm downgrading priority

> axis2_http_server denial of service
> -----------------------------------
>
>                 Key: AXIS2C-1169
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1169
>             Project: Axis2-C
>          Issue Type: Bug
>    Affects Versions: 1.4.0
>         Environment: linux fc6
>            Reporter: Frederic Heem
>         Attachments: echoString.txt
>
>
> Use the following netcat command to trigger a 100% CPU for axis2_http_server:
> nc 127.0.0.1 9090 < echoString.txt

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org