Bug#244174: apache: bogus requests create oversized log entries with wrong error code
Package: apache
Version: 1.3.29.0.2-4
Severity: normal
I receive many requests looking like "SEARCH /\x90\x02\...." etc., often with
dozens of kB in length. These result in log lines containing apparently the
WHOLE request, followed by 314 (URI too long) and a number of bytes sent in
reply, BUT:

1) AFAIK there exists no "SEARCH" request in HTTP1.1 (a grep for "SEARCH"
in the specification text gives no exploitable results)

2) the log entries result in lots of mails sent to me (exactly 48 a day, once
each time the analyzer is running) by my webalizer (analysis of access.log file
in order to produce web statistics) program (these log entries are treated as
errors, which is probably right, and only suppressing ALL error messages would
prevent their appearance)

So, I think the error code should be 405 (method not allowed) or eventually
400 (Bad request), or another 4xx code, and the log lines should stop there
without repeating the whole bogus request.

-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i586)
Kernel: Linux 2.4.18-bf2.4
Locale: LANG=fr_FR@euro, LC_CTYPE=fr_FR@euro
Versions of packages apache depends on:
ii apache-common 1.3.29.0.2-4 Support files for all Apache webse
ii debconf 1.3.22 Debian configuration management sy
ii dpkg 1.10.18 Package maintenance system for Deb
ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-3 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.6-6 XML parsing C library - runtime li
ii libmagic1 4.06-2 File type determination library us
ii libpam0g 0.76-14.1 Pluggable Authentication Modules l
ii logrotate 3.6.5-2 Log rotation utility
ii mime-support 3.23-1 MIME files 'mime.types' & 'mailcap
ii perl 5.8.3-3 Larry Wall's Practical Extraction
-- debconf information:
* apache/enable-suexec: false
* apache/server-name: tmtm.homelinux.org
* apache/document-root: /var/www
* apache/server-port: 80
* apache/init: true
* apache/server-admin: norbert@tmtm.homelinux.org
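
An added example (not part of the original report, and not code from Apache or webalizer): a pre-filter that replaces an oversized request field in an access log line with a short stub before the file is handed to a log analyzer, while counting how many such requests arrived per method. It assumes Common Log Format; the function names, the 256-character limit and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Common Log Format (assumed): host ident user [time] "request" status bytes
CLF = re.compile(r'^(?P<prefix>\S+ \S+ \S+ \[[^\]]+\]) "(?P<req>.*)" '
                 r'(?P<status>\d{3}) (?P<size>\S+)$')

def compact_line(line, max_request=256):
    """Return (line, method): method is None unless the request was oversized."""
    line = line.rstrip("\n")
    m = CLF.match(line)
    if m is None or len(m.group("req")) <= max_request:
        return line, None                      # leave ordinary lines untouched
    req = m.group("req")
    method = req.split(" ", 1)[0][:16]         # keep only a short method token
    stub = f"{method} [{len(req)}-character request omitted]"
    return f'{m.group("prefix")} "{stub}" {m.group("status")} {m.group("size")}', method

def compact_log(lines, max_request=256):
    """Compact every line; also count oversized requests per method."""
    out, oversized = [], Counter()
    for line in lines:
        new, method = compact_line(line, max_request)
        out.append(new)
        if method is not None:
            oversized[method] += 1
    return out, oversized

# Constructed sample input (not taken from the reporter's logs).
SAMPLE = [
    '192.0.2.20 - - [15/Apr/2004:03:13:01 +0200] "GET /index.html HTTP/1.0" 200 1456',
    '192.0.2.10 - - [15/Apr/2004:03:12:45 +0200] "SEARCH /' + '\\x90\\x02' * 4000 + '" 414 334',
]

if __name__ == "__main__":
    lines, counts = compact_log(SAMPLE)
    print("\n".join(lines))
    print(dict(counts))
```

The status code and byte count are copied through unchanged, so the analyzer still sees the request as an error; only the request field is shortened.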