Security Incidents: Re: Apache 1.3.XX

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Apache 1.3.XX

From: Russell Fulton <R.FULTON () auckland ac nz>
Date: 01 Feb 2002 16:05:17 +1300

On Fri, 2002-02-01 at 10:30, Russell Fulton wrote:


Hmmm.... we saw an attack two days ago against an apache server which 
consisted of GETs and POST followed by long strings of Xs followed by shell
code.


I have just got the logs from the admin and I find I lied, no shell code
was logged by apache, just the long string of 'X'S (about 8186 of them).
So either there was no shell code or apache truncated the string when it
logged it.

Apologies for the confusion.

-- 
Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

By Date By Thread

Current thread:

Re: Apache 1.3.XX Russell Fulton (Feb 01)
- Re: Apache 1.3.XX Blake Frantz (Feb 01)
  - Re: Apache 1.3.XX Veins (Feb 04)
- <Possible follow-ups>
- Re: Apache 1.3.XX Sten (Feb 01)