Date: Sat, 04 Aug 2001 12:23:08 -0500 From: Jon Loeliger <jdl@jdl.com> To: questions@freebsd.org Subject: Attempted Buffer Overrun in via httpd? Message-ID: <E15T58n-000Ayh-00@jdl.com>
next in thread | raw e-mail | index | archive | help
Folks, I see a large number of httpd requests that look like this: 211.41.175.10 - - [03/Aug/2001:23:49:55 -0500] "GET /default.ida?NNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3 %u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00= a HTTP/1.0" 400 316 "-" "-" in my httpd access logs. This just smells like an attemtped buffer over run exploit at work. Anyone recognize it and know anything about it? Should I be worried? I'm running a current (right out of Ports) Apache here. Thanks, jdl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E15T58n-000Ayh-00>