From owner-freebsd-security Fri Oct 25 10:32:57 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A9ED37B401 for ; Fri, 25 Oct 2002 10:32:55 -0700 (PDT) Received: from securityfocus.com (mail.securityfocus.com [205.206.231.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 0907D43E42 for ; Fri, 25 Oct 2002 10:32:54 -0700 (PDT) (envelope-from da@securityfocus.com) Received: (qmail 4743 invoked by uid 118); 25 Oct 2002 17:24:22 -0000 Date: Fri, 25 Oct 2002 11:24:22 -0600 (MDT) From: Dave Ahmad To: "Kevin D. Kinsey, DaleCo, S.P." Cc: security@FreeBSD.ORG Subject: Re: New (to me) apache error... In-Reply-To: <004101c27c4b$808cae90$fa00a8c0@DaleCoportable> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Kevin, 24.112.227.167 is attempting to proxy a connection to mx1.mail.yahoo.com:25 through your HTTP server. See: http://online.securityfocus.com/bid/4131 David Mirza Ahmad Symantec 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12 On Fri, 25 Oct 2002, Kevin D. Kinsey, DaleCo, S.P. wrote: > Hi, Gentlemen, > > This appeared in my apache error log today. Any thoughts? > Malevolent code entered by a website user, perhaps? > > [Fri Oct 25 08:32:16 2002] [error] [client 24.112.227.167] request > failed: > erroneous characters after protocol string: > CONNECT mx1.mail.yahoo.com:25 / HTTP/1.0 > > Kevin Kinsey > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message