You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Hassan S <su...@yahoo.com> on 2003/04/06 12:56:13 UTC
[users@httpd] Apache HTTP Server MIME message boundaries information disclosure
Hello Everyone,
Did anyone remedy this vulnerability which was
described in the following link?
http://www.iss.net/security_center/static/11438.php
What are the necessary steps (patch, if any) to take?
Thanks in advance,
Hasan
__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online, calculators, forms, and more
http://tax.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Slow
Posted by "netforum.com.br - Mail Host - Listserv" <ne...@netforum.com.br>.
Hello,
I need some help:
Win 2K server
256 Mb
PHP 4.21
Mysql
APACHE 1.322
All works fine. The pages ( Postnuke ) about 3 sec to load and others links
too.
Some times, i need to reboot the machine because the APACHE do not
responding (i think ), and apache is started, but the page above too slow
and 40 60 seconds to load.
I start stop and start apache, and nothing.
When I reboot machine, all ok !!
I have httpd.conf ThreadsPerchild, MaxRequestPerChild as default to win 32.
I do not know what can i do, and because this i permit myself to beg your
help.
I wish to thank to any ideas !!
Mike
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.467 / Virus Database: 266 - Release Date: 4/1/2003
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] ** New Apache vulnerability ?? *** Apache HTTP
Server MIME message boundaries information disclosure
Posted by Rasmus Lerdorf <ra...@apache.org>.
Why don't you just follow the remedy instructions given right at the URL
you referenced. Either disable FileEtag or apply the patch they
reference:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/008_httpd.patch
But yes, this should probably be addressed in the main Apache code base.
This patch, or one like it, is not in CVS yet.
-Rasmus
On Tue, 8 Apr 2003, Hassan S wrote:
> [ 2nd try]
>
> Any response is highly appreciated.
>
> Thanks
> Hassan
>
> --- Hassan S <su...@yahoo.com> wrote:
> > Hello Everyone,
> >
> > Did anyone remedy this vulnerability which was
> > described in the following link?
> >
> > http://www.iss.net/security_center/static/11438.php
> >
> > What are the necessary steps (patch, if any) to
> > take?
> >
> > Thanks in advance,
> > Hasan
> >
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Tax Center - File online, calculators, forms,
> > and more
> > http://tax.yahoo.com
> >
> >
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the
> > Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for
> > more info.
> > To unsubscribe, e-mail:
> > users-unsubscribe@httpd.apache.org
> > " from the digest:
> > users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail:
> > users-help@httpd.apache.org
> >
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - File online, calculators, forms, and more
> http://tax.yahoo.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] ** New Apache vulnerability ?? *** Apache HTTP Server MIME message boundaries information disclosure
Posted by Hassan S <su...@yahoo.com>.
[ 2nd try]
Any response is highly appreciated.
Thanks
Hassan
--- Hassan S <su...@yahoo.com> wrote:
> Hello Everyone,
>
> Did anyone remedy this vulnerability which was
> described in the following link?
>
> http://www.iss.net/security_center/static/11438.php
>
> What are the necessary steps (patch, if any) to
> take?
>
> Thanks in advance,
> Hasan
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - File online, calculators, forms,
> and more
> http://tax.yahoo.com
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online, calculators, forms, and more
http://tax.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org