[Zope] memory leaks and worms
Paul Zwarts
paz@oratrix.com
Thu, 20 Sep 2001 15:24:02 +0200
Greetings,
Has anyone had experience with the results of Nimda and CodeRed over
zope? I have a suspicion that these worms cause memory leaks on the
python process. Although the exploits are designed for MicroSnooze
servers, Zope of course tries to parse them anyhow, sometime throwing
exceptions at a lower level than the standard_error_page, thus
disallowing me to write dtml or python to intercept it. The result,
_I_think_ is a memory leak because zope isnt cleaning itself up. But I'm
at loss how to prove this....
/scripts/..%5c../winnt/system32/cmd.exe?/c+dir=A0
/scripts/..=C1=1C../winnt/system32/cmd.exe?/c+dir
/msadc/..%5c../..%5c../..%5c/..=C1=1C../..=C1=1C../..=C1=1C../winnt/syste=
m32/cmd.exe
?/c+dir
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
..etc..
What I use:
Zpopy=20
Zpsycopg (latest)
CoreSession
Python152
Zope233
(no different results for same but on python211 and Zope240)
Hoping someone else out there is expereiencing the same things....
Paul Zwarts