Apache 1.3.26 seg faults & bus errors

From: rsavageat_private
Date: Fri Oct 25 2002 - 08:59:30 PDT

Next message: opus: "Strange attacks"

Previous message: Frank Cheong: "Keep connecting to remote host on port 7869"
Next in thread: Ryan Sweat: "Re: Apache 1.3.26 seg faults & bus errors"
Reply: Ryan Sweat: "Re: Apache 1.3.26 seg faults & bus errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We upgraded to apache 1.3.26 from apache 1.3.24 during the time the
`Apache Web Server Chunk Handling Vulnerability' was released, but
still seeing these:


[Fri Aug 23 08:30:35 2002] [notice] child pid 50775 exit signal
Segmentation fault (11)
[Fri Aug 23 08:49:31 2002] [notice] child pid 51990 exit signal
Segmentation fault (11)
[Fri Aug 23 09:31:56 2002] [notice] child pid 55712 exit signal
Segmentation fault (11)
[Fri Aug 23 10:32:20 2002] [notice] child pid 60289 exit signal
Segmentation fault (11)
[Fri Aug 23 10:45:33 2002] [notice] child pid 61593 exit signal
Segmentation fault (11)
[Fri Aug 23 10:55:37 2002] [notice] child pid 62832 exit signal Bus error
(10)
[Fri Aug 23 11:43:24 2002] [notice] child pid 65789 exit signal Bus error
(10)
[Fri Aug 23 12:14:07 2002] [notice] child pid 69531 exit signal
Segmentation fault (11)
[Fri Aug 23 13:04:01 2002] [notice] child pid 73722 exit signal
Segmentation fault (11)

dmesg.yesterday:pid 32987 (httpd), uid 65534: exited on signal 10
dmesg.yesterday:Oct 22 14:07:09 robin /kernel: pid 32987 (httpd), uid
65534: exited on signal 10
messages:Oct 22 14:07:09 robin /kernel: pid 32987 (httpd), uid 65534:
exited on signal 10

Server version: Apache/1.3.26 (Unix)
Server built:   Jun 20 2002 10:14:35

Compiled-in modules:
  http_core.c
  mod_env.c
  mod_log_config.c
  mod_mime.c
  mod_negotiation.c
  mod_status.c
  mod_include.c
  mod_autoindex.c
  mod_dir.c
  mod_cgi.c
  mod_asis.c
  mod_imap.c
  mod_actions.c
  mod_userdir.c
  mod_alias.c
  mod_rewrite.c
  mod_access.c
  mod_auth.c
  mod_proxy.c
  mod_usertrack.c
  mod_unique_id.c
  mod_setenvif.c
  mod_perl.c
suexec: disabled; invalid wrapper /etc/httpd/bin/suexec


Is there something else out there, another DoS attack?

-- 
Rory Savage, Senior Systems Administrator
Nando Media: www.nandomedia.com
email: rsavageat_private
aol im (PiasElihU)
919-836-5987 (Office)




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: opus: "Strange attacks"
Previous message: Frank Cheong: "Keep connecting to remote host on port 7869"
Next in thread: Ryan Sweat: "Re: Apache 1.3.26 seg faults & bus errors"
Reply: Ryan Sweat: "Re: Apache 1.3.26 seg faults & bus errors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 25 2002 - 16:06:57 PDT