httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aram W. Mirzadeh" <...@qosina.com>
Subject Re: WWW Form Bug Report: "Security hole in Apache 1.0" on Linux
Date Thu, 08 Feb 1996 21:14:45 GMT


What other information do you have on this?  Especially your cgi-bin
permissions, as well as your ht-docs permissions. 

<Aram>


At , you wrote:
>Submitter: twc@calyx.net
>Operating system: Linux, version: 
>Extra Modules used: none
>URL exhibiting problem: 
>
>Symptoms:
>--
>We have been having security compromises on our servers running apache 1.0.
>It appears that the only sign of an attempted attack is massive garbage in
>the access logs.  It appears that a client sends hundreds of requests that
>are not URLs, but rather very large and very small integers, usually 
>ending in "127."  (ie-  we see "-23428129470105127" as a requested document
>in our access logs.  we also sometimes see "127" "-7" and the like.)
>
>Please get in touch with me at twc@calyx.net so I can provide more details,
>actual log entries, and more information about our systems in general.
>
>Thanks.
>--
>
>Backtrace:
>--
>
>--
>
--
Aram W. Mirzadeh, MIS Manager, Qosina Corporation
http://www.qosina.com/~awm/, awm@qosina.com
Apache httpd server team http://www.apache.org



Mime
View raw message