Date: Fri, 21 Jun 2002 20:25:32 +0200
From: Bernhard Schmidt
To: Maxim Kozin
Cc: freebsd-security@freebsd.org
Subject: Re: Apache expoit?
Message-ID: <20020621182532.GA50708@thor.birkenwald.de>
References: <2147483647.1024500409@[192.168.4.154]>

On Thu, Jun 20, 2002 at 02:44:35PM +0400, Maxim Kozin wrote:

> "Exploit" from this letter tested on FreeBSD 4.6-RELEASE with different
> version apache:
> 1) 2.0.36
> 2) 2.0.39
> 3) 1.3.26
> In case of 1) and (!) 2) httpd child died with "child out of swap
> space".
> So, in 2.0.39 still exists DoS.

JFTR, same here on FreeBSD 4.5-RELEASE and 4.6-RELEASE with Apache 2.0.39
straight from /usr/ports/www/apache2.

Anyone heard something from the apache.org people about this?

-- 
bye bye
  Bernhard