https://nvd.nist.gov/vuln/detail/CVE-2023-38909
MEDIUM
Otis DeWitt
Contractor with Concept Plus, LLC in support of
NOAA Fisheries NMFS / ST6 | U.S. Department of Commerce
Office: (302) 648-7481 |
If you are not using "*Apache JServ Protocol (AJP)" *then the CVE does not
pertain to your Apache server.
On Mon, Feb 6, 2023 at 5:46 PM Thao, Pashia
wrote:
> PWEB server is running a version of Apache affected.
>
>
>
> Our prod web server is running a version of the Apache affected by by
>
nks Dewitt for very thorough and insightful explanation. We are using
> Yocto packaged linux version with openssl version being OpenSSL 1.1.1k-fips
> 25 Mar 2021.
>
> With Regards,
> Venkatesh
>
> On Fri, Sep 24, 2021 at 12:11 AM Otis Dewitt - NOAA Affiliate
> wrote:
>
>&g
sue.
>
> Do you know, how to generate more entropy in system or via apache so that
> it can never be deprived of entropy?
>
> With Regards,
> Venkatesh
>
> On Thu, Sep 23, 2021 at 8:46 PM Otis Dewitt - NOAA Affiliate
> wrote:
>
>> Hmm I see, I not sure why you did not
haveged and try it out.
>
>
> On Thu, Sep 23, 2021 at 4:57 AM Otis Dewitt - NOAA Affiliate
> wrote:
>
>>
>> I don't think "insufficient entropy" has anything to do with Apache, but
>> you could try installing "haveged" rpm.
>> That may
I don't think "insufficient entropy" has anything to do with Apache, but
you could try installing "haveged" rpm.
That may solve your problem.
On Wed, Sep 22, 2021 at 2:11 PM alchemist vk wrote:
> Hi All,
> We are using httpd version 2.4.46 and its working fine for a long time.
> But recently,
28 bits)
> [Thu Jun 24 08:07:11.478503 2021] [ssl:debug] [pid 2773:tid 27]
> ssl_engine_kernel.c(415): [client 10.175.18.160:60710] AH02034: Initial
> (No.1) HTTPS request received for child 344 (server 127.0.0.1:443)
> [Thu Jun 24 08:07:11.478634 2021] [authz_core:debug] [pid 2773:tid 27]
> mod_authz_core.c(815): [client 10.175.18.160:60710] AH01626:
> authorization result of Require all granted: granted
> [Thu Jun 24 08:07:11.478654 2021] [authz_core:debug] [pid 2773:tid 27]
> mod_authz_core.c(815): [client 10.175.18.160:60710] AH01626:
> authorization result of : granted
> [Thu Jun 24 08:07:11.478675 2021] [core:info] [pid 2773:tid 27] [client
> 10.175.18.160:60710] AH00129: Attempt to serve directory:
> /var/apache2/2.4/htdocs/
>
>
>
> čt 24. 6. 2021 v 3:46 odesílatel Otis Dewitt - NOAA Affiliate
> napsal:
>
>> What does the /var/log/httpd/error_log say? Paste that.
>>
>>
What does the /var/log/httpd/error_log say? Paste that.
On Wed, Jun 23, 2021 at 8:06 PM Pavel Heimlich, a.k.a. hajma <
tropikha...@gmail.com> wrote:
> st 23. 6. 2021 v 23:06 odesílatel Otis Dewitt - NOAA Affiliate
> napsal:
>
>> Check your Openssl ciphers to see if it su
Check your Openssl ciphers to see if it supports TLS 1.2
Try:
SSLProtocol -ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
SSLCipherSuite
You are being firewalld, those ports are not available from outside.
On Tue, Jan 14, 2020 at 3:23 PM Larry Irwin (work) <
larry.ir...@ccamedical.com> wrote:
> nmap shows all ports as filtered:
>
> # nmap -Pn padmahasa.ddns.net
>
> Starting Nmap 7.01 ( https://nmap.org ) at 2020-01-14 15:17 EST
>
You can also check this URL:
http://blog.revathskumar.com/2015/09/proxy-websocket-via-apache.html
Thanks,
Otis
On Tue, Dec 27, 2016 at 9:07 AM, Adam Teale wrote:
> Hi Daniel,
>
> Yes in the http_server_app.conf file it is activated:
> LoadModule ssl_module
Check this link out.
http://stackoverflow.com/questions/17889676/apache-2-4-6-reverseproxy-mod-proxy-wstunnel-for-secure-websocket-wss-fails
Thanks,
Otis
On Tue, Dec 27, 2016 at 8:55 AM, Daniel wrote:
> Silly question perhaps, are you also loading mod_ssl?
>
> 2016-12-27
Try changing all your directories to lower case and check permissions and
check selinux.
Thanks,
Otis
On Fri, Nov 18, 2016 at 9:13 AM, Roparzh Hemon
wrote:
> Apache says "It works" but also "Requested URL could not be found"
>
> This problem seems to have jumped out
[image: top] http://shib.ametsoc.org/manual/mod/mod_ldap.html#page-header
LDAPTrustedCA DirectiveDescription:
http://shib.ametsoc.org/manual/mod/directive-dict.html#DescriptionSets
the file containing the trusted Certificate Authority certificate or
databaseSyntax:
Greetings,
For httpd version 2.2.22 and older, only specify TLSv1. This is treated as
a wildcard for all TLS versions.
SSLProtocol TLSv1
Thanks,
Otis
Greetings Rose,
You could use SNMP MRTG or Catci.
Thanks,
Otis
On Mon, Jul 21, 2014 at 3:40 PM, Rose, John B jbr...@utk.edu wrote:
This is on Solaris 10
From: Rose, John Rose jbr...@utk.edu
Date: Monday, July 21, 2014 2:47 PM
To: users@httpd.apache.org users@httpd.apache.org
Subject:
Greetings Paul,
You could use code (php,ruby,asp . . .) to query the database without
actually being on the page.
I will try to use re-capture to prevent such actions.
Thanks,
Otis
On Thu, Jul 10, 2014 at 2:00 PM, Stormy storm...@stormy.ca wrote:
At 01:16 PM 7/10/2014 -0400, Otis Dewitt
Greetings,
I am having a problem hiding query strings:
Example:
Change:
http://www.fishfry.gov/pls/webpls/car_1.data_in?jtype=IMPjmnth=01jyear=2014jcountry=USAjoutput=TABLE
To Show: http://www.fishfry.gov on query return instead of showing the
complete URL as above to help mitigate the public
Greetings Eric,
Try this:
VirtualHost *:80
DocumentRoot /www/default/Site
Directory /www/default/Site
AuthType None
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Require all granted
/Directory
/VirtualHost
Thanks,
Greetings Lennsen,
Something you should know about mod_proxy_fcgi is that currently it doesn’t
support UNIX sockets,
so you must start your PHP-FPM process using a TCP port, which is default
when you install it.
Daniel Garajau wrote a interesting document on this subject:
Thanks for that update.
On Sun, May 4, 2014 at 9:36 PM, Eric Covener cove...@gmail.com wrote:
On Sun, May 4, 2014 at 9:03 PM, Otis Dewitt - NOAA Affiliate
otis.dew...@noaa.gov wrote:
Something you should know about mod_proxy_fcgi is that currently it
doesn’t
support UNIX sockets
Greetings Yehuda,
1.) You can try something likfe this for one url:
RewriteRule ^~blog/(.*)$ /site/legacy/users/blog/$1 [R=301,L]
2.) You can also play with this rewrite to make fit for you:
RewriteEngine On
#RewriteLog logs/rewrite.log # Uncomment for rewrite logging
#RewriteLogLevel 3 #
Greetings Joe,
Understand your frustration, had similar problems in the past.
The price can vary depending on infrastructure setup.
Please email at odew...@linusoft.com so we can talk further.
Thanks,
Otis
On Wed, Apr 2, 2014 at 1:08 PM, Joe Jensen (ConAgra Foods)
joe.jen...@conagrafoods.com
Try
NameVirtualHost *:80 above VirtualHost *:80
Thanks,
Otis
On Thu, Jan 30, 2014 at 1:30 PM, Josh Stratton strattonbra...@gmail.comwrote:
I tried that. I'm including the actual config file in sites-available if
it helps.
VirtualHost *:80
ServerAdmin webmaster@localhost
ServerName
NameVirtualHost *:80
VirtualHost *:80
ServerAdmin webmaster@localhost
ServerName www.morebearsmore.com http://morebearsmore.com
ServerAlias morebearsmore.com http://www.morebearsmore.com
On Thu, Jan 30, 2014 at 1:30 PM, Josh Stratton strattonbra...@gmail.comwrote:
I tried that. I'm
Greetings,
I am constantly getting this error below in my log file:
*[error] (20014)Error string not specified yet: proxy: pass request body
failed to 172.16.11.212:7705 http://172.16.11.212:7705 (www.example.com
http://www.example.com) from 192.168.100.34 ()*
[Thu Jan 09 15:52:47 2014] [error]
Greetings,
I am constantly getting this error below in my log file:
*[error] (20014)Error string not specified yet: proxy: pass request body
failed to 172.16.11.212:7705 http://172.16.11.212:7705 (www.example.com
http://www.example.com) from 192.168.100.34 ()*
[Thu Jan 09 15:52:47 2014] [error]
Try:
First make sure openssl-devel-1.0.1e is installed.
--with-ssl=path to openssl include directory
Example:
--with-ssl=/usr/include/openssl
Thanks,
Otis
On Mon, Dec 16, 2013 at 1:58 AM, Abdul Anshad ab...@visolve.com wrote:
Hello All,
I'm trying to compile httpd-2.4.7 from source,
What do you mean?
* Since our requirement is to control access based on a path.*
Location /example1
AuthType basic
AuthName Example 1 use your LDAP login.
AuthBasicProvider ldap
AuthLDAPURL ldaps://
Very weird scenario, I can only think of a couple of reason's this can be
happening.
1. Enable debug on loglevel and see what happens in that 15mins.
2. Try removing the httpd.conf and put a default httpd.conf in place and
start it to see if the same thing happens. if not then you know it's in
.
Could you please guide me ?
http://koji.fedoraproject.org/koji/buildinfo?buildID=483947
Regards,
Abdul
On 12/12/2013 12:32 PM, Otis Dewitt - NOAA Affiliate wrote:
This patch is corrupt, it is missing content .
contact the submitter of the patch.
On Thu, Dec 12, 2013 at 12:23 AM
This patch is corrupt, it is missing content .
contact the submitter of the patch.
On Thu, Dec 12, 2013 at 12:23 AM, Abdul Anshad ab...@visolve.com wrote:
Hello All,
I can't apply a patch named *httpd-2.4.7-sslsninotreq**.patch*, when i
try to build the package httpd-2.4.7 it throws out
Try:
http://www.anindya.com/apache-http-server-2-4-2-x86-and-x64-windows-installers/
On Thu, Dec 12, 2013 at 1:35 AM, Yogesh patel
yogeshpateldai...@gmail.comwrote:
HI
I am not able to find apache 2.4 installable version. Apache official site
provides source code of it. Can i anywhere find
Take a look at awstats.
On Thu, Dec 12, 2013 at 1:51 AM, Jim Barchuk j...@jbarchuk.com wrote:
On Wed, 11 Dec 2013, Roman Gelfand wrote:
I think I was misunderstood. I am looking for a web site monitoring
software that periodically downloads a page from that site and records
statistics
Greetings,
I am using Apache 2.0.65 with mod_proxy as a reverse proxy, this proxy sits
in the DMZ and serves to the backend servers. I am getting constant errors
in the log file stating whats below.
*[Tue Dec 10 12:33:17 2013] [error] (20014)Error string not specified yet:
proxy: pass request
Greetings,
I am using Apache 2.0.65 with mod_proxy as a reverse proxy, this proxy sits
in the DMZ and serves to the backend servers. I am getting constant errors
in the log file stating whats below.
*[Tue Dec 10 12:33:17 2013] [error] (20014)Error string not specified yet:
proxy: pass request
36 matches
Mail list logo