[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Try to hack ?

Michelle Konzack writes:
sinc 2004-06-14 I have following entries in my BOA-Log:
buffer overrun - read.c, read_header - closing

Could be somebody trying to exploit a recently discovered Apache header vulnerability. For instance: http://www.guninski.com/httpd1.html
malformed request: "CONNECT HTTP/1.0"

That's a common one I see too -- people trying to use a HTTP server as a proxy to surf other sites or use your web server to relay spam. Not having a proxy or clamping down with ACLs are your protection. Presumably, BOA logged it as a malformed request because it doesn't support "CONNECT" http proxying.

Reply to: