Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]
On August 29, 2019 8:52:57 AM UTC, Rainer Jung wrote:
>On 29.08.2019 at 09:55, Mark Thomas wrote:
>> That looks suspicious on multiple levels.
>>
>> I'll block the user account and delete the attachment. I'm also tempted
>> to resolve the issue as invalid. Any objections?
>
>Thanks for taking actions. I have replied in the ticket, because I think
>it's a misconfiguration. I would give the user a chance to report back,
>because apart from the broken attachment he provided reasonable info, so
>I think the ticket is not fake. If it turns out to be a
>misconfiguration, then of course it is invalid. If we would have
>responded sooner as we did now, we would have pointed him to the users
>list. But since he actually tried to dig into it, I would find it more
>friendly to give him a final chance to check my hint how to fix the
>config.

Ack. I'll need to unblock the account. Should be done in 5 to 10 mins.

Mark

>Regards,
>
>Rainer
>
>> Mark
>>
>>
>> On 29/08/2019 10:47, Rainer Jung wrote:
>>> I don't know whether this attachment is just broken or some kind of
>>> attack. We might want to delete it if possible.
>>>
>>> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
>>> correct content. The file starts with a magic header "NASCA DRM FILE -
>>> VER1.00".
>>>
>>> Regards,
>>>
>>> Rainer
>>>
>>> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>>>
>>>> --- Comment #3 from kimc@gmail.com ---
>>>> Created attachment 36741
>>>> --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741&action=edit
>>>> jk_lb_worker.c modification
>>>>
>>>> Showing how I modified the source code

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]
On 29.08.2019 at 09:55, Mark Thomas wrote:
> That looks suspicious on multiple levels.
>
> I'll block the user account and delete the attachment. I'm also tempted
> to resolve the issue as invalid. Any objections?

Thanks for taking actions. I have replied in the ticket, because I think it's a misconfiguration. I would give the user a chance to report back, because apart from the broken attachment he provided reasonable info, so I think the ticket is not fake. If it turns out to be a misconfiguration, then of course it is invalid. If we would have responded sooner as we did now, we would have pointed him to the users list. But since he actually tried to dig into it, I would find it more friendly to give him a final chance to check my hint how to fix the config.

Regards,

Rainer

> Mark
>
> On 29/08/2019 10:47, Rainer Jung wrote:
>> I don't know whether this attachment is just broken or some kind of
>> attack. We might want to delete it if possible.
>>
>> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
>> correct content. The file starts with a magic header "NASCA DRM FILE -
>> VER1.00".
>>
>> Regards,
>>
>> Rainer
>>
>> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>>
>>> --- Comment #3 from kimc@gmail.com ---
>>> Created attachment 36741
>>> --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741&action=edit
>>> jk_lb_worker.c modification
>>>
>>> Showing how I modified the source code
Re: Malicious bugzilla attachment? [Was: [Bug 63695] session_cookie attribute does not work?]
That looks suspicious on multiple levels.

I'll block the user account and delete the attachment. I'm also tempted to resolve the issue as invalid. Any objections?

Mark

On 29/08/2019 10:47, Rainer Jung wrote:
> I don't know whether this attachment is just broken or some kind of
> attack. We might want to delete it if possible.
>
> It has suffix .pptx but neither Ooo, nor LibreOffice or Powerpoint show
> correct content. The file starts with a magic header "NASCA DRM FILE -
> VER1.00".
>
> Regards,
>
> Rainer
>
> On 29.08.2019 at 09:23, bugzi...@apache.org wrote:
>> https://bz.apache.org/bugzilla/show_bug.cgi?id=63695
>>
>> --- Comment #3 from kimc@gmail.com ---
>> Created attachment 36741
>> --> https://bz.apache.org/bugzilla/attachment.cgi?id=36741&action=edit
>> jk_lb_worker.c modification
>>
>> Showing how I modified the source code
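
The mismatch reported in this thread (a .pptx suffix on a file whose first bytes are "NASCA DRM FILE - VER1.00") can be checked mechanically when an attachment is triaged. The following is an added example, not part of the thread and not Bugzilla code; the function names, verdict strings and sample bytes are assumptions constructed for illustration.

```python
import io
import zipfile

# Leading bytes a presentation upload can legitimately have.
ZIP_MAGIC = b"PK\x03\x04"                       # .pptx (OOXML) is a ZIP archive
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy binary .ppt
# Header string quoted in the thread for the attachment no office suite could open.
NASCA_MAGIC = b"NASCA DRM FILE - VER1.00"


def classify_attachment(filename: str, data: bytes) -> str:
    """Return a triage verdict (assumed names) for a file claiming to be a presentation."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if data.startswith(NASCA_MAGIC):
        # Content cannot be inspected by reviewers, whatever the suffix says.
        return "drm-wrapped"
    if ext == "pptx":
        if not data.startswith(ZIP_MAGIC):
            return "mismatch"
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = set(zf.namelist())
        except zipfile.BadZipFile:
            return "mismatch"
        # A real deck carries the OOXML manifest and the main presentation part.
        required = {"[Content_Types].xml", "ppt/presentation.xml"}
        return "ok" if required <= names else "mismatch"
    if ext == "ppt":
        return "ok" if data.startswith(OLE2_MAGIC) else "mismatch"
    return "unknown-type"


def make_sample_pptx() -> bytes:
    """Constructed minimal ZIP holding only the two parts the check looks for."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("ppt/presentation.xml", "<p:presentation/>")
    return buf.getvalue()


if __name__ == "__main__":
    samples = {  # all sample inputs are constructed, not the real attachment
        "slides.pptx": make_sample_pptx(),
        "attachment.pptx": NASCA_MAGIC + b"\x00" * 32,
        "notes.pptx": b"plain text renamed to pptx",
    }
    for name, blob in samples.items():
        print(f"{name}: {classify_attachment(name, blob)}")
```

A "drm-wrapped" or "mismatch" verdict only says the file is not what its suffix claims; as the thread shows, whether the report itself is genuine is a separate judgement.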