We're presently experiencing the same behavior on FreeBSD 4.3 with Apache 1.3.20 mod_ssl/2.8.4 OpenSSL/0.9.6b. It seems to be load related: we have several other boxes on the network with the same config/versions, but that are much lower load and aren't experiencing the segfaults. For reference, the one that IS having problems is serving 3.29 requests/sec - 17.0 kB/second - 5.2 kB/request. The normal load is about 1.7 requests/sec. Any ideas on what's causing this, or a good way to track/truss the child process to see what it's doing when it dies? Chris On Tue, 18 Sep 2001, Chip McClure wrote: > Which version of apache, and what OS are you running? > > Running Apache 2.0.16, FreeBSD 4.3 - never had a segfault - and a ton of > probes against it. > > ---- > Chip McClure > Sr Unix Administrator > GigGuardian, Inc. > > http://www.gigguardian.com/ > ---- > > On Tue, 18 Sep 2001, bugtraq wrote: > > > Hello, > > > > > > Over 15 times my apache has segfaulted whenever I get scanned by this worm. > > > > Sep 18 13:30:15 cgisecurity /kernel: pid 35290 (httpd), uid 1003: exited on signal 11 > > Sep 18 13:38:03 cgisecurity /kernel: pid 35390 (httpd), uid 1003: exited on signal 11 > > Sep 18 14:06:00 cgisecurity /kernel: pid 35391 (httpd), uid 1003: exited on signal 11 > > Sep 18 14:20:51 cgisecurity /kernel: pid 35453 (httpd), uid 1003: exited on signal 11 > > Sep 18 15:27:22 cgisecurity /kernel: pid 35740 (httpd), uid 1003: exited on signal 11 > > ^C > > > > Any idea why apache is segfaulting? I have 250 megs of free ram without proccess limits and > > it segfaults. Also I tried every string and have been unable to replicate it manually. > > > > - adminat_private > > -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_ Chris Hardie - Principal Summersault, LLC - website development ph: 765-939-9301 x221 fax: 765-935-6798 914 E. Main St., Richmond, IN 47374 mailto:chrisat_private http://www.summersault.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 18:01:12 PDT