[Apache2] What the heck happened here?

Glaanieboy

Glaanieboy

OSNN Veteran Addict
Joined
6 Mar 2002
Messages
2,628
(see attached part of the Apache2 httpd log)
What the heck happened here, that is what I want to know. I have never seen this loooong 'search' string. What did it search for, can it hurt, does it have consequenses (sp)?
BTW, I traced the IP back to a client who uses the same ISP as I use (Wanadoo Cable NL), so I can easily track the user down if necessary.
 

Attachments

  • httpd.log.part.txt
    31.3 KB · Views: 120
Maybe someone trying to do a buffer-overflow? If it didn't affect anything ... Your version is probably patched against it.
 
vern said:
Maybe someone trying to do a buffer-overflow? If it didn't affect anything ... Your version is probably patched against it.
Click to expand...

Agrees, also if you contact your/their ISP, they probably won't do anything unfortunately.
 
I agree... looks like a buffer overflow exploit. Looks kinda neat in notepad with wordwrap on ;)
 
Upgrade your Apache2 server to the latest version just in case. ;)

Also, try to configure the search program to limit the number of characters that can be used. So before Apache evaluates the search parameters fully (i.e. before it starts searching), it's already returning an error that the search string is too long. Or something like that. :p

Unless I misunderstood what "Search" does there. I'm thinking of a search program on your hosted site, like the Google and Altavista ones. Ya know. xD Oh well.
 
yeah glaanie, do a cvsup just in case. Make sure everything is up to date ;)
 
It is a Sploit for IIS (I see it all the time on servers i admin). But like the others said, just update. And better be safe than sorry.
 
Hehe, I should have said it's running on Windows XP ... :eek:
Anyway, it is the latest version (as of 3 weeks ago) and since it's an IIS exploit, I don't need to worry :D Thanks guys

(ps, please no flaming because I use XP+apache as a webserver, my freebsd server was broken, so I had to :))
 
thekore said:
yeah fix the server :p
Click to expand...
Almost, almost. Just got Samba3 running and I am ready to transfer the backups back to the server. Then all I have to do is import MySQL tables + data, reroute the internal IP, then I am all set :)
 
You must log in or register to reply here.

Members online

No members online now.
Total: 284 (members: 0, guests: 284)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back