httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jsl...@gmail.com>
Subject Re: [users@httpd] A strange log entry -- New bug/vulnerability?
Date Thu, 02 Sep 2004 02:24:06 GMT
On Wed, 1 Sep 2004 21:26:44 -0400, Jonas Diener
<jdiener@rosettastone.com> wrote:
>
> 12.227.159.19 - - [30/Aug/2004:03:12:15 -0400] "SEARCH /\x90\x02\xb1\x02\xb1\x02\xb1...snip...\x90\x90\x90\x90\x90/local/apache2/htdocs/cam1/s169-20040824101549-00.jpg"
414 329
 
> This is very odd indeed.  At first it looks like a normal attempt to exploit a WebDAV
hole in IIS.  What makes it odd is the inclusion of the filename at the end.

Versions of apache before 2.0.50 have a slight problem where requests
that get 414 errors don't have their request-line properly terminated.
 This can cause some random characters from memory to be written to
the log file.  It is nothing in particular to worry about, but the
problem can be eliminated by upgrading to 2.0.50.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message