[7603] in bugtraq
Apache 'sioux' DOS fix for TurboLinux
daemon@ATHENA.MIT.EDU (Scott Stone)
Mon Aug 10 23:11:39 1998
Date: Tue, 11 Aug 1998 10:54:40 +0900
Reply-To: Scott Stone <sstone@ume.pht.co.jp>
From: Scott Stone <sstone@UME.PHT.CO.JP>
To: BUGTRAQ@NETSPACE.ORG
A fix for TurboLinux 2.0 USA and 2.0 Japanese to fix the 'sioux' DOS
attack in Apache can be found at:
ftp://ftp.pht.com/pub/turbolinux-2.0-updates/i386/apache-1.3.1-6TL.i386.rpm
ftp://ftp.pht.com/pub/turbolinux-2.0-updates/SRPMS/apache-1.3.1-6TL.src.rpm
After installing this update, make sure to stop and restart apache, either
using xturboservice or manually from the commandline:
/etc/rc.d/init.d/httpd stop
(sometimes you must do that twice to get all the processes)
/etc/rc.d/init.d/httpd start
Proper behavior after this update is applied is for the 'sioux' exploit
program to simply report 'broken pipe' and exit, with no adverse effects
on the server side.
--------------------------------------------------
Scott M. Stone <sstone@pht.com, sstone@turbolinux.com>
<sstone@pht.co.jp>
Head of TurboLinux Development/Systems Administrator
Pacific HiTech, Inc (USA) / Pacific HiTech, KK (Japan)
http://www.pht.com http://armadillo.pht.co.jp
http://www.pht.co.jp http://www.turbolinux.com
