[lug] New attack?
Andrew R. Diederich
diederic at boulder.net
Mon Jul 8 09:19:44 MDT 2002
It's a bug. Here's from Apache week issue 301:
One of the changes included in Apache 1.3.26 has caused a few
surprises as parsing of the HTTP request line in Apache has become
stricter; now rejecting some illegal requests which earlier
versions accepted. Any client applications which were generating
illegal request lines and getting away with it will find that when
taking to Apache 1.3.26 a 400 Illegal Request error response will
be returned. An example of an illegal request line would be to
include an unescaped space character in the URI. Consensus on the
list was that the code should be reverted to the previous
behaviour, following the IETF maxim: "be liberal in what you
accept".
Hope this helps.
--
Andrew
On Mon, 8 Jul 2002, Rob Nagler wrote:
> I saw this yesterday and today:
>
> [Mon Jul 8 07:11:42 2002] [error] [client 200.24.106.34] Client sent malformed Host header
>
> I'm in the midst of upgrading our production machines to apache 1.3.26
> (and RH7.2). I'm not seeing the above message on the production
> machines.
>
> Thanks,
> Rob
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list