On Wed, Mar 15, 2006 at 12:31:06PM +0000, Gaby vanhegan wrote: > Hi, > > I'm running 3.6 (yes, due for an upgrade) and I keep getting hit by
<snip> > My questions are: > > 1. How do I find out their attack vector? I have had a nessus scan > performed on the machine, but it did not present any security (I can > supply on request). I've checked the security releases in > security.html and there are no pertinent ones for httpd. Snort has > provided little useful information (I can provide access to the snort > logs if required). > >From http://www.openbsd.org/errata36.html 009: SECURITY FIX: January 12, 2005 All architectures httpd(8) 's mod_include module fails to properly validate the length of user supplied tag strings prior to copying them to a local buffer, causing a buffer overflow. This would require enabling the XBitHack directive or server-side includes and making use of a malicious document.
