FW: Apache 1.3.22 exploit

From: Philip Wagenaar (pb.wagenaar@chello.nl)
Date: 02/27/02

Previous message: rpc: "Re: Quick SNMP Payload Structure Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Philip Wagenaar" <pb.wagenaar@chello.nl>
To: <vuln-dev@securityfocus.com>
Date: Wed, 27 Feb 2002 14:52:44 +0100

I emailed with apache security about this and this is their response:

So this should end the discussion from an apache view....

-----Original Message-----
From: Mark J Cox [mailto:mark@awe.com]
Sent: woensdag 27 februari 2002 14:57
To: Philip Wagenaar
Cc: security@apache.org
Subject: Re: Apache 1.3.22 exploit

Please see
http://security.e-matters.de/advisories/012002.html

Mark

--
Mark J Cox ........................................... www.awe.com/mark
Apache Software Foundation ..... OpenSSL Group ..... Apache Week editor

Previous message: rpc: "Re: Quick SNMP Payload Structure Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Apache/Tomcat Denial Of Service And Information Leakage Vulnerability
... mod_jk 1.2 using Apache Jserv Protocol 1.3 ... Tomcat 4.x Server ... A client may connect to the target machine and deliver several requests ... response back over the connection. ...
(Bugtraq)
Re: Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1
... "Expect" header. ... In Apache 2.0.x and 2.2.x, the 417 response will be sent by the server ...
(Bugtraq)
Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Servi
... Brian, a question for clarification. ... When you say "customized 404 response", you are not referring to a customized error document but rather to having changed the headers that the server returns when queried with a GET request, correct? ... And wouldn't this require changing source code and compiling a custom build of apache? ...
(Full-Disclosure)
Re: Netlimiter liike tool
... Traffic shaping allows for queue jumping of some packets over others ... only one response came close. ... apache, so one respondent put up an apache solution. ... Pardon me for being frustrated when people offer suggestions that I have ...
(Debian-User)
Re: redirect using location header does not work from an already redirected doc.
... took fright at the response on c.l.p.misc; ... specifically CGI one, though I could turn out to have been mistaken... ... required reading at this point (you mentioned apache 1.3.*) ... preserve the original error code, which is normally what one wants. ...
(comp.lang.perl.misc)