[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] RaQ3 and Apache DoS

Subject: [cobalt-security] RaQ3 and Apache DoS
From: Chad <chad_ny_01@xxxxxxxxx>
Date: Thu, 20 Jun 2002 08:19:32 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Group,

Just wanted to confirm (and verifiy) to the list that
it's in the wild... 

We have a few RaQ3's running the standard fare Apache
1.3.6 (shame, shame) in our racks.. One has been hit
by two DoS attacks in the last 72 hours... First HTTP
stops responding, then followed a few mins later by
other services starting to fail as well... Within
about 5-10 mins everything goes tits-up... 

The solution, reboot the box.. 

No entries in the logs except the one that Michael
noted which shows up in the error log as a "child pid
exit signal Segmentation fault"

Now CERT is reporting that;

>For Apache versions 1.2.2 through 1.3.24 inclusive,
>this vulnerability may allow the execution of 
>arbitrary code by remote attackers. Exploits are 
>publicly available that claim to allow the 
>execution of arbitrary code.

I-R-KNOT-STUPID (said the little script-kiddies)

COBALT/SUN - We need some confirmation that someone is
working on a fix and quick... (PLEASE)... This could
get REALLY NASTY REALLY QUICK..!!!



__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Follow-Ups:
- Re: [cobalt-security] RaQ3 and Apache DoS
  - From: Tom Worley

Prev by Date: [cobalt-security] Be very careful! BIND patch in RaQ4-All-System-2.0.1-14185.pkg
Next by Date: Re: [cobalt-security] Be very careful! BIND patch in RaQ4-All-System-2.0.1-14185.pkg
Previous by thread: Re: [cobalt-security] Be very careful! BIND patch in RaQ4-All-System-2.0.1-14185.pkg
Next by thread: Re: [cobalt-security] RaQ3 and Apache DoS

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index