Re: Apache seg fault

From: The Traveler (gamblintraveler@netscape.net)
Date: 07/08/02 

From: gamblintraveler@netscape.net (The Traveler)
Date: 8 Jul 2002 07:02:21 -0700

Thanks for the reply, Luke.

However, I don't see how this has to do with the known
'chunk' vulnerability. Nothing that I have read of
the 'chunk' indicates that it is related to an error
in the 'host' request header.

How can these be the same issue? My source (CERT) doesn't
show any relationship. Can someone point me to documentation
showing that these two are related? I'd like to check this
one off and move on.

Thanks.

-Dave

Luke Vogel <luke@bell-bird.com.au> wrote in message news:<3D292F4A.AF86758E@bell-bird.com.au>...
> The Traveler wrote:
> >
> > Hi All,
> >
> > These past two days I've seen new errors in my Apache
> > web server log saying "request without host name . . .
> > exit signal Segmentation fault"
> >
> > The request packets come from the following IPs,
> > two in Japan and one in the US:
> > 218.44.251.156, 64.141.13.199, and
> > 210.174.172.6
> >
> > This looks like a new vulnerability in the Apache
> > server. I haven't seen any reference to this in
> > any of the security alerts, but seem to be an
> > obvious DoS vulnerability.
> >
> > Does anyone know anything about this?
> >
> > -Dave
>
> Yes, it is a new vulnerability ... something to do with "chunk" code ...
>
> If you haven't seen anything in the security alerts, you need to look
> again.
>
> Check out www.apache.org for updates.
> --
> Regards
> Luke
> ------
> Q: What does FAQ stand for?
> A: We are Frequently Asked this Question, and we have no idea.
> ------
> C.O.L.S FAQ - http://www.linuxsecurity.com/docs/colsfaq.html
> ------

Relevant Pages