Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Apache 'sioux' DOS fix for TurboLinux

From: sstone () ume pht co jp (Scott Stone)
Date: Tue, 11 Aug 1998 10:54:40 +0900

A fix for TurboLinux 2.0 USA and 2.0 Japanese to fix the 'sioux' DOS
attack in Apache can be found at:

ftp://ftp.pht.com/pub/turbolinux-2.0-updates/i386/apache-1.3.1-6TL.i386.rpm
ftp://ftp.pht.com/pub/turbolinux-2.0-updates/SRPMS/apache-1.3.1-6TL.src.rpm

After installing this update, make sure to stop and restart apache, either
using xturboservice or manually from the commandline:

/etc/rc.d/init.d/httpd stop
(sometimes you must do that twice to get all the processes)
/etc/rc.d/init.d/httpd start

Proper behavior after this update is applied is for the 'sioux' exploit
program to simply report 'broken pipe' and exit, with no adverse effects
on the server side.

--------------------------------------------------
Scott M. Stone <sstone () pht com, sstone () turbolinux com>
               <sstone () pht co jp>
Head of TurboLinux Development/Systems Administrator
Pacific HiTech, Inc (USA) / Pacific HiTech, KK (Japan)
http://www.pht.com              http://armadillo.pht.co.jp
http://www.pht.co.jp            http://www.turbolinux.com
Previous By Date Next
Previous By Thread Next

Current thread: