Security Incidents mailing list archives
Re: Apache goes berserk
From: Brett Glass <brett () lariat org>
Date: Thu, 27 Jun 2002 15:27:53 -0600
At 03:09 PM 6/27/2002, Tobias Rosenstock wrote:
looks like your box is under fire from someone who tries to break in through the well-published apache chunked request vulnerability, probably even using apache-scalp.c, which was published on bugtraq last week.
This could well be. However, I'm running 2.0.39, which The Apache Group says is supposed to be immune. Maybe they're wrong, or maybe a DoS is possible even though a complete takeover of the server is not. --Brett ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Apache goes berserk Brett Glass (Jun 27)
- Re: Apache goes berserk Tobias Rosenstock (Jun 27)
- Message not available
- Re: Apache goes berserk Brett Glass (Jun 28)