RE: lug-bg: apache remote vulnerability
- Subject: RE: lug-bg: apache remote vulnerability
- From: bkrosnov@xxxxxxxx (Boyan Krosnov)
- Date: Thu, 20 Jun 2002 20:48:28 +0300
Ne si postawil zadyljitelniq prazen red sled header chastta na query-to
:)
t.e. Sled Transfer-encoding:... reda
BR,
Boyan
> -----Original Message-----
> From: Marian Popov [mailto:mano@xxxxxxxxxxxxx]
> Sent: Thursday, June 20, 2002 8:39 PM
> To: lug-bg@xxxxxxxxxxxxxxxxxx
> Subject: Re: lug-bg: apache remote vulnerability
>
>
> Eto go i moito
>
>
> HTTP/1.1 400 Bad Request
> Date: Thu, 20 Jun 2002 17:34:47 GMT
> Server: Apache/1.3.24 (Unix) PHP/4.1.2
> Connection: close
> Transfer-Encoding: chunked
> Content-Type: text/html; charset=iso-8859-1
>
> 173
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <HTML><HEAD>
> <TITLE>400 Bad Request</TITLE>
> </HEAD><BODY>
> <H1>Bad Request</H1>
> Your browser sent a request that this server could not understand.<P>
> Request header field is missing colon separator.<P>
> <PRE>
> 80000001</PRE>
> <P>
> <HR>
> <ADDRESS>Apache/1.3.24 Server at wireless.pazardjik.com Port
> 80</ADDRESS>
> </BODY></HTML>
>
> 0
>
> Connection closed by foreign host.
>
> Taka li triabva da e ili ne ?
> >
> > àìè àç ïà÷íàõ debian source package-a îò testing è unsable
> (apache 1.3.24)
> ñ
> >
> ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/005_httpd.patch ñ
> ëåêè
> > ìîäèôèêàöèè è ñå apply-íà ÷èñòî óæ, èíà÷å òðåáå äà
> downgrade äî apache
> 1.3.9
> > îò stable ùîòî DSA ñå ãðèæàò ñàìî çà stable. Òà ïðåäè äà
> ïà÷íà 1.3.24 ñ
> òîçè
> > òåñò íàïðàâî ìè çàòâàðåøå êîíåêöèÿòà, à ñëåä êàòî ãî ïà÷íàõ ïëþå Bad
> Request,
> > íî ïàê close-âà connection-a:
> >
> > HTTP/1.1 400 Bad Request
> > Date: Thu, 20 Jun 2002 17:00:07 GMT
> > Server: Apache/1.3.24 (Unix) Debian GNU/Linux mod_python/2.7.6
> Python/2.1.3
> > PHP/4.1.2
> > mod_fastcgi/2.2.12 mod_auth_pgsql/0.9.12 mod_throttle/3.1.2
> mod_ssl/2.8.7
> > OpenSSL/0.9.6c mod_perl/1.26 DAV/1.0.3
> > Connection: close
> > Content-Type: text/html; charset=iso-8859-1
> >
> > <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> > <HTML><HEAD>
> > <TITLE>400 Bad Request</TITLE>
> > </HEAD><BODY>
> > <H1>Bad Request</H1>
> > Your browser sent a request that this server could not
> understand.<P>
> > Invalid URI in request POST /index.html HTTP/1.1<P>
> > <HR>
> > <ADDRESS>Apache/1.3.24 Server at localhost Port 80</ADDRESS>
> > </BODY></HTML>
> > Connection closed by foreign host.
> >
> > Òîâà safe ëè å ? èëè ïàê óìèðà child-à è parent-à ìîæå äà
> íàïðàâè íåêâè
> > äèâîòèè ñ ðåñóðñèòå ?
> > --
> > Greets,
> > fr33zb1
> >
> ==============================================================
> ==============
> > A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> > http://www.linux-bulgaria.org - Hosted by Internet Group
> Ltd. - Stara
> Zagora
> > To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> >
> ==============================================================
> ==============
> >
>
> ==============================================================
> ==============
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd.
> - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ==============================================================
> ==============
>
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|