[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache Chunked Encoding attack

Bjarne Østby <bjarne@system.paintbox.no> writes:

>From the help file of the scanner: 
>
> 	How It Works 
>
> 	The Retina Apache Chunked Scanner detects Apache servers which
> 	can be compromised by the Apache Chunked Encoding
> 	vulnerability . The scanner works by attempting to sending a
> 	small request that makes a vulnerable server to become
> 	unresponsive. As usually Apache runs with more than 1 process,
> 	there would be no down time while the test is performed.
>
>
> This indicates that is actually trys the exploit and not just check
> the version number of the apache server.  Should I worry?

Two possibilities: The documentation refers to a previous version of
the scanner, or you forgot to restart Apache after installing the
packages.

-- 
Florian Weimer 	                  Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: