[Zope] Easy Zope DoS ?

John Adams jadams@inktomi.com
Tue, 21 May 2002 14:30:18 -0700 (PDT)


On Tue, 21 May 2002, Thomas B. Passin wrote:

> [John Adams]
> > It seems that if I've started the zope server from the command line, and
> > then telnet to the port it's running on (8080) and issue a malformed HTTP
> > request, I can kill the server. Does anyone else experience this?
[...]
> > The server goes down for the count after this.

Let me add a few notes here so I don't cause a panic. I'm on Zope 2.5.0
with python 2.1.1 (SunOS 5.8 Generic_108528-01 sun4u sparc
SUNW,Ultra-250.) Non-CVS checkout -- this is a release I downloaded from
zope.com.

This problem doesn't happen on an immediate restart of zope, so it's
certainly not an Easy DoS as I may have indicated. It happens once the
server's been up for awhile (but time to failure is unknown.) I just
restarted my server and now I can't reproduce the issue.

I see quite a few people on higher versions of Zope, and I should probably
upgrade, but I'd like to know if anyone sees random Zope daemon failure
that is similar to what I'm experiencing.

-john