Php apachec problem
Matthew Seaman
m.seaman at infracaninophile.co.uk
Wed May 14 11:25:14 PDT 2003
On Wed, May 14, 2003 at 06:59:37PM +0530, Sunil Sunder Raj wrote:
> Hi,
> Has anybody gone through these errors.
>
> httpd in free(): warning: chunk is already free.
> httpd in free(): warning: recursive call.
>
> thousands of these in the httpd.conf file.
Sounds like someone trying to exploit last year's apache chunked
transfer encoding bug. See:
http://www.cert.org/advisories/CA-2002-17.html
http://httpd.apache.org/info/security_bulletin_20020617.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A04.asc
Make sure you're running a more recent version than apache-1.3.26 or
apache-2.0.39 and you're immune.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030514/f557717b/attachment.bin
More information about the freebsd-questions
mailing list