tomcat-users mailing list archives

From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Apache/Tomcat vulnerability
Date Mon, 28 Nov 2016 22:57:44 GMT

Jaaz,

On 11/28/16 2:24 PM, Jaaz Portal wrote:
> hi, i written "exploited some well know vulnerability in mod_proxy"
> not mod_jk.

Yes but then you implied that mod_jk had the same problem:

On 11/27/16 1:03 PM, Jaaz Portal wrote:
> Then they exploited some well know vulnerability in mod_proxy. We 
> have updated apache to the latest but again they has exploited it,
> so we have switched to mod_jk. *And then guess what. They exploited
> it too* so i decided to write to this list looking for help before
>  trying jetty.

(emphasis mine).

> we switched to mod_jk but they exploited it too, rest you can read
> on list

I have read all your posts, and I see no evidence of an exploit.

You have posted a single line from your log file which tells us next
to nothing:

> [Fri Nov 25 13:08:00.647835 2016] [mpm_event:error] [pid 13385:tid
>  139793489638592] AH00484: server reached MaxRequestWorkers
> setting, consider raising the MaxRequestWorkers setting

Okay, you ran out of workers, meaning that you have a large number of
incoming requests. This indicates neither a vulnerability nor an exploit.

> anyway we have configured apache to mitigate such kind of attack
> (whatever flavor it is)

Great. How did you do that? This is a community of users who support
each other, not a Help Desk. So please help the community by
explaining what the problem was and what the solution was as well.

-chris