https://issues.apache.org/bugzilla/show_bug.cgi?id=54416
Marc Arens <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW --- Comment #2 from Marc Arens <[email protected]> --- AFAIU the result of the CVE is to return HTTP_NOT_IMPLEMENTED instead of HTTP_BAD_REQUEST which marked the the active node as "in error" state to prevent the DOS. The main problem seems to be that mod_proxy_ajp responds with "No such method MKCALENDAR" to MKCALENDAR request. [Fri Dec 14 12:24:49 2012] [debug] mod_proxy_ajp.c(45): proxy: AJP: canonicalising URL //localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(1525): [client 192.168.32.238] proxy: *: found reverse proxy worker for ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] mod_proxy.c(1020): Running scheme ajp handler (attempt 0) [Fri Dec 14 12:24:49 2012] [debug] mod_proxy_ajp.c(681): proxy: AJP: serving URL ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2011): proxy: AJP: has acquired connection for (*) [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2067): proxy: connecting ajp://localhost:8009/servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ to localhost:8009 [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2193): proxy: connected /servlet/dav/caldav/B731244A-5D06-4941-83F1-880A1EAE6343/ to localhost:8009 [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2444): proxy: AJP: fam 2 socket created to connect to * [Fri Dec 14 12:24:49 2012] [debug] ajp_header.c(224): Into ajp_marshal_into_msgb [Fri Dec 14 12:24:49 2012] [error] ajp_marshal_into_msgb - No such method MKCALENDAR [Fri Dec 14 12:24:49 2012] [error] ajp_send_header: ajp_marshal_into_msgb failed [Fri Dec 14 12:24:49 2012] [error] (120010)APR does not understand this error code: proxy: AJP: request failed to (null) (*) [Fri Dec 14 12:24:49 2012] [debug] proxy_util.c(2029): proxy: AJP: has released connection for (*) Using Apache 2.2.16-6+squeeze10 in a setup with proxy_balancer and proxy_ajp here. Switching to proxy_http as a workaorund lets Apache accept MKCALENDAR requests. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
