[logs] Apache error_log data: chunked encoding vulnerability

From: Tina Bird (tbird@precision-guesswork.com)
Date: Mon Jul 01 2002 - 16:24:44 PDT

  • Next message: Steffen Kluge: "Re: [logs] Apache error_log data: chunked encoding vulnerability"

    Hi all -- I've collected a few Apache error_log messages for the
    recently-announced chunked encoding vulnerability in the Apache Web
    server.  Things to watch out for:
    
    from bugtraq posting 19 june -- joe testa:
    
    apache 1.3.24 on UNIX: [Mon Jun 17 16:12:25 2002] [notice] child pid 21452 exit signal Segmentation fault (11)
    
    apache 2.0.36 on win32: [Tue Jun 18 09:16:34 2002] [notice] Parent: child process exited with status 3221225477 -- Restarting.
    
    from idefense analysis of freeBSD worm:
    
    [Sat Jun 29 15:06:41 2002] [error] [client 172.16.159.57] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
    
    from incidents posting 26 june -- brett glass:
    
    [Wed Jun 26 15:55:01 2002] [error] server reached MaxClients setting, consider raising the MaxClients setting
    [Wed Jun 26 21:28:36 2002] [warn] child process 164 still did not exit, sending a SIGTERM
    [Wed Jun 26 21:28:36 2002] [warn] child process 165 still did not exit, sending a SIGTERM
    [Wed Jun 26 21:28:36 2002] [warn] child process 166 still did not exit, sending a SIGTERM
    [Wed Jun 26 21:28:36 2002] [warn] child process 167 still did not exit, sending a SIGTERM
    ....
    httpd in free(): warning: page is already free
    httpd in free(): warning: page is already free
    httpd in free(): warning: page is already free
    
    hope this is useful -- tbird
    
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Mon Jul 01 2002 - 16:28:29 PDT