Date: Sat, 29 Jun 2002 11:03:50 -0700
From: Kent Stewart <kstewart@owt.com>
To: charles woolverton <charles.woolverton@tastik.net>
Cc: freebsd-doc@FreeBSD.ORG, security-officer@FreeBSD.ORG
Subject: Re: Fw: NEW FBSD Virus - Effects Apache Server Chunk encoding - ALERT
Message-ID: <3D1DF686.9080707@owt.com>
References: <002401c21f95$3edf6090$050da8c0@hustla>

charles woolverton wrote:
> Team FBSD
>
> I apologize, I stand corrected. :) I would still suggest being that
> Nimda was quite lethal (especially to large hosting providers), that you
> put an Alert link on the front of the site..
>

You missed the web page on security announcements. See

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:04.asc

Kent

> http://docs.freebsd.org/cgi/getmsg.cgi?fetch=1492768+0+current/freebsd-security
>
> Thank you,
>
> -charles
>
> ----- Original Message -----
> From: charles woolverton <mailto:charles.woolverton@tastik.net>
> To: freebsd-doc@FreeBSD.ORG <mailto:freebsd-doc@FreeBSD.ORG>
> Sent: Saturday, June 29, 2002 1:21 PM
> Subject: NEW FBSD Virus - Effects Apache Server Chunk encoding - ALERT
>
> Team FBSD
>
> I did not see an advisory on your site, but as of June 16, 2002, there
> was an "Apache HTTP Server chunk encoding stack overflow" discovered. I
> have not been able to find this on Apache's website either. However,
> there have been several reports to securityfocus.org about Apache chunk
> encoding issues.
>
> It appears that a new Worm has been identified by the Symantec staff
> that targets FreeBSD systems via this Apache exploitable issue.
>
> Please see: Symantec's 'FreeBSD.Scalper.Worm' advisory - 06/28/2002
> http://securityresponse.symantec.com/avcenter/security/Content/2049.html
>
> Please see: Symantec's Apache HTTP Server chunk encoding stack overflow
> advisory 06/17/2002
> http://securityresponse.symantec.com/avcenter/security/Content/2049.html
>
> Please see: Securityfocus advisories- 06/17/2002 - 06/28/2002
>
> CA-2002-17
> http://online.securityfocus.com/advisories/4210
>
> 20020605-01-A
> http://online.securityfocus.com/advisories/4212
>
> CLA-2002:498
> http://online.securityfocus.com/advisories/4226
>
> apache-worm.c - Supposedly the source code is available here
> http://online.securityfocus.com/archive/1/279633/2002-06-26/2002-07-02/0
>
> Apache worm in the wild post
> http://online.securityfocus.com/archive/1/279529/2002-06-26/2002-07-02/0
>
> CAN-2002-0392 - Apache Chunked-Encoding Corruption Vulnerability
> http://online.securityfocus.com/bid/5033
>
> Apache goes berserk - May be related (What you may receive if being
> attacked)
> http://online.securityfocus.com/archive/75/279373
>
> I don't know if you put many security alerts on your site, however I'd
> ask that you do place this one on. At my company we have been
> encouraging our larger Managed Hosting customers to use FreeBSD.
> However, being that most people that are / may be familiar with any nix
> flavor don't use Symantec's website, and it's sad to say "Don't keep up
> with security alerts", I would suggest putting something on the
> frontpage of FreeBSD.org. Especially after what happened many times
> before with Windows and Nimda/variants.
>
> Thank you,
>
> Charles Woolverton
> Tastik.net
> charles.woolverton@tasik.net <mailto:charles.woolverton@tasik.net>
>

--
Kent Stewart
Richland, WA

http://users.owt.com/kstewart/index.html

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message