[nycbug-talk] OT: Issues with FreeBSD & Apache
Jesse Callaway
bonsaime at gmail.com
Sat Feb 28 13:00:12 EST 2009
On Fri, Feb 27, 2009 at 9:34 AM, Matt Juszczak <matt at atopia.net> wrote:
> My Apache process on one box keeps dying (segmentation fault), and I have
> to restart it.
>
> In /var/log/messages, I'm getting:
>
> Feb 26 18:39:29 pluto suhosin[39552]: ALERT - linked list corrupt on
> efree() - heap corruption detected (attacker '70.x.x.x', file
> '/home/web/username/webserver/htdocs/index.php')
>
>
> repeatedly.
>
> What are my risks here? Is this just simply an overflow of some sort that
> I need to patch? Is my system vulnerable? I'm frankly not too familiar
> with this specific error/warning.
>
>
> Thanks for any input,
>
> Matt
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
Hi Matt,
If it is an attack, they may leave some files laying around in /tmp.
Someone installed a proxy server there once. The partition was noexec,
but they still managed to fire it up and route spam through the box.
Hopefully you won't end up in the same boat. Although the situation I
was in could have been avoided with the simplest of input validation
measures. This looks to be a different type of problem.
Anyway... give the NYPHP list a holler. They may have something for you.
-jesse
More information about the talk
mailing list