From owner-freebsd-www@FreeBSD.ORG Sat Sep 3 23:48:27 2011
Message-ID: <4E62B703.5020801@FreeBSD.org>
Date: Sat, 03 Sep 2011 19:23:47 -0400
From: Glen Barber
To: Alvaro Castillo
Cc: www@freebsd.org
References: <201108280102.p7S12ujx022732@red.freebsd.org> <4E5997E6.7040500@FreeBSD.org>
Subject: Re: www/160247: Website vulnerability
List-Id: FreeBSD Project Webmasters

On 9/3/11 4:29 PM, Alvaro Castillo wrote:
> On Sun, Aug 28, 2011 at 2:20 AM, Glen Barber wrote:
>> On 8/27/11 9:02 PM, Alvaro wrote:
>>>> Description:
>>> The problem is on mod_deflate.
>>>
>>
>> No it isn't.
>>
>> http://seclists.org/fulldisclosure/2011/Aug/236
>>
>
> The problem has been fixed on Apache 2* but Apache 13 isn't maintained
> by Apache Foundation.
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
>
> Sorry but mod_deflate was included... need to disable it and set Range
> Request and so on
>
> http://translate.google.es/translate?hl=es&sl=es&tl=en&u=http%3A%2F%2Fwww.securityartwork.es%2F2011%2F08%2F25%2Fdenegacion-de-servicio-en-apache%2F
>
> Not yet solved...
>
> perl killapache.pl www.freebsd.org
> host seems vuln
> ATTACKING www.freebsd.org [using 50 forks]
> ^C
>

Sorry, but www.freebsd.org does not use Apache.

--
Glen Barber | gjb@FreeBSD.org
FreeBSD Documentation Project