PQ76168: Remote attacker can disable logging on IBM HTTP Server
Downloadable files
Abstract
CAN-2003-0460: Remote attacker can disable access and
error logging on all IBM® HTTP Server V1.3 releases for the Windows
platform.
Download Description
All installations of HTTP Server V1.3 on Windows that use a CustomLog
or ErrorLog directive configured to pipe logs to the rotatelogs utility
are affected by this defect. An attacker can turn off access and/or error
logging in an affected configuration by sending the server a request URI
that contains the character 0x1A. On Windows, 0x1A is a control character
that tells programs reading from pipes or files that the input stream is
ending. When rotatelogs receives this character, it shuts down and logging
stops. The server continues to serve pages.
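To check whether a server matches the affected configuration described above, this added example (not IBM's code) scans httpd.conf text for active CustomLog or ErrorLog directives that pipe to rotatelogs. The function names and the sample configuration paths are assumptions made for illustration.

```python
import re

# Directives the advisory names; Apache matches directive names case-insensitively.
DIRECTIVE = re.compile(r'^\s*(CustomLog|ErrorLog)\s+(?:"([^"]*)"|(\S+))', re.IGNORECASE)


def logical_lines(conf_text):
    """Yield (first_line_number, text), joining backslash-continued lines."""
    buf, start = "", None
    for num, raw in enumerate(conf_text.splitlines(), 1):
        if start is None:
            start = num
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        yield start, buf + raw
        buf, start = "", None
    if start is not None:  # file ended on a continuation line
        yield start, buf


def find_piped_rotatelogs(conf_text):
    """Return (line, directive, command) for each log piped to rotatelogs."""
    findings = []
    for num, line in logical_lines(conf_text):
        if line.lstrip().startswith("#"):
            continue  # commented-out directive, not active
        m = DIRECTIVE.match(line)
        if not m:
            continue
        target = (m.group(2) if m.group(2) is not None else m.group(3)).strip()
        # A leading '|' means the log is written to a program's standard input.
        if target.startswith("|") and "rotatelogs" in target.lower():
            findings.append((num, m.group(1), " ".join(target.lstrip("|").split())))
    return findings


# Constructed sample configuration (paths are illustrative only).
SAMPLE_CONF = r'''
# CustomLog "|bin/rotatelogs.exe logs/old.log 86400" common
ErrorLog logs/error.log
customlog "|C:/IHS/bin/rotatelogs.exe \
    C:/IHS/logs/access.log 86400" common
CustomLog logs/plain_access.log combined
ErrorLog "|C:/IHS/bin/RotateLogs.exe C:/IHS/logs/error.log 86400"
'''

if __name__ == "__main__":
    for num, directive, command in find_piped_rotatelogs(SAMPLE_CONF):
        print(f"line {num}: {directive} pipes to: {command}")
```

Directives that write directly to a file, and commented-out directives, are not reported.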
Prerequisites
NONE
Installation Instructions
Please review the readme.txt for detailed installation
instructions.
Product categories: Software > Application Servers >
Distributed Application & Web Servers > IBM HTTP Server > Base
Server
Operating system(s): Windows
Software version: 1.3.26.2
Software edition:
Reference #: 4005498
IBM Group: Software Group
Modified date: May 27, 2004