|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] Strange Apache log entry
Bill.Light
kp.org
Date: Thu Mar 18 2004 - 14:07:54 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 18 Mar 2004, Arjen Runsink wrote:
> To: suse-securitysuse.com
> From: Arjen Runsink <arjenzeilers.net>
> Subject: Re: [suse-security] Strange Apache log entry
>
> Hi,
>
> On Thursday 18 March 2004 20:20, Keith Roberts wrote:
> > Hi all!
> >
> > Just found this in my Apache log.
> Yes
>
> > Is this some sort of buffer overflow attack?
> Yes
>
> > 81.250.133.68 - - [18/Mar/2004:18:07:00 +0000] "SEARCH
> <snipped 400 lines which expanded to 800 when quoted !!!!>
> >x90 \x90\x90\x90\x90\x90\x90\x90\x90\x90\x90" 414 384
>
> Look in /var/log/httpd/error_log
>
> BB, Arjen
This is all that is in error_log ref above.
[Thu Mar 18 18:07:00 2004] [error] [client 81.250.133.68]
request failed: URI too long
==========================
See: http://www.securiteam.com/exploits/5WP0C0K6AW.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]