Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Apache AB.C Web Benchmarking Read_Connection() Buffer Overflow Vulnerability

A buffer-overflow condition has been reported in the 'ab.c' web-benchmarking utility provided with Apache webserver.

A malicious webserver may be able to exploit this overflow condition when the benchmarking utility is run against it. Data sent by a malicious server during the benchmarking process could cause memory to become corrupted with attacker-supplied values.