[WebDNA] Re: Digest from talk@webdna.us

This WebDNA talk-list message is from

2017

It keeps the original formatting. numero = 113646
interpreted = N
texte = 1241--001a1141f40cfadea60554344510Content-Type: text/plain; charset="UTF-8""The attack targets some specific php flaws by scanning the =servers with specially formatted URLs and one of them also affects =webdna."Thanks, Chris. I do see targeted php oriented URLs, but wonder if you couldgive some clue as to the specific one that is impacting WebDNA so that wecan filter against it. If you prefer to answer in private, that is fine.On Sat, Jul 8, 2017 at 1:00 AM, wrote:> From: "mainlighting ." > Date: Fri, 7 Jul 2017 08:36:20 -0400> Message-ID: gmail.com>> Subject: [WebDNA] site becomes unavailable and WebCatalog warnings> To: talk@webdna.us> Content-Type: multipart/alternative; boundary="> 94eb2c0590eefd3d630553b97a47"> Reply-To: >> --94eb2c0590eefd3d630553b97a47> Content-Type: text/plain; charset="UTF-8">> On WebDNA 8 on Centos the site has become unavailable several times in the> last few days. In roughly the timeframe when this happens, messages like> the following appear in the 'messages' log:>> Error in `WebCatalog': free(): invalid next size (normal):> 0x00007fe34c03bea0> *** Error in `WebCatalog': double free or corruption (out):> 0x00007f00c401d780 ***>> Is this reflecting an out of memory condition or some other issue?>> --94eb2c0590eefd3d630553b97a47> Content-Type: text/html; charset="UTF-8"> Content-Transfer-Encoding: quoted-printable>>

On WebDNA 8 on Centos the site has become unavailable> seve=> ral times in the last few days. In roughly the timeframe when this> happens,=> messages like the following appear in the 'messages'> log:

=C2=A0Error in `WebCatalog': free(): invalid next size> => (normal): 0x00007fe34c03bea0

*** Error in `WebCatalog':> doubl=> e free or corruption (out): 0x00007f00c401d780> ***

Is this reflecting an out of memory condition or some other> issue? div>

>> --94eb2c0590eefd3d630553b97a47-->> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list talk@webdna.us> To unsubscribe, E-mail to: talk-leave@webdna.us> archives: http://www.webdna.us/page.dna?numero=3D55> Bug Reporting: support@webdna.us> From: christophe.billiottet@webdna.us> Content-Type: text/plain; charset=us-ascii> Content-Transfer-Encoding: quoted-printable> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> Date: Fri, 7 Jul 2017 17:20:10 +0300> To: "" > Message-Id: <2FCC7B80-86E5-4329-BB0D-01AAB0455934@webdna.us>> Reply-To: >> This is due to massive and broad attacks that started last month on our => side too. The attack targets some specific php flaws by scanning the => servers with specially formatted URLs and one of them also affects => webdna. The problem has been fixed in the code and the fix will be => released with next version.>> - chris>>>> > On Jul 7, 2017, at 15:36, mainlighting . => wrote:> >=20> > On WebDNA 8 on Centos the site has become unavailable several times in => the last few days. In roughly the timeframe when this happens, messages => like the following appear in the 'messages' log:> >=20> > Error in `WebCatalog': free(): invalid next size (normal): => 0x00007fe34c03bea0> > *** Error in `WebCatalog': double free or corruption (out): => 0x00007f00c401d780 ***> >=20> > Is this reflecting an out of memory condition or some other issue?> > --------------------------------------------------------- This message => is sent to you because you are subscribed to the mailing list => talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: => http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: => support@webdna.us>>> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> To: talk@webdna.us> From: Kenneth Grome > Message-ID: <0f677f43-d467-9db6-9bcb-e2952f555fdd@webdnasolutions.com>> Date: Fri, 7 Jul 2017 09:55:28 -0500> Content-Type: text/plain; charset=utf-8> Content-Transfer-Encoding: 7bit> Reply-To: >> > The problem has been fixed in the code and the fix will be> > released with next version.>> This brings up a related question:>> When might we expect this "next version" to become available?>> Regards,> Kenneth Grome> WebDNA Solutions> http://www.webdnasolutions.com> Web Database Systems and Linux Server Administration>>>>> From: christophe.billiottet@webdna.us> Content-Type: text/plain; charset=utf-8> Content-Transfer-Encoding: quoted-printable> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> Date: Fri, 7 Jul 2017 18:05:12 +0300> To: "" > Message-Id: > Reply-To: >> We don=E2=80=99t know yet, because we are preparing several new features => to WebDNA. So we don=E2=80=99t know if there will be a minor release => before the major one :-)>> Maybe two months?>> - chris>>>>>>>>>>> > On Jul 7, 2017, at 17:55, Kenneth Grome => wrote:> >=20> >> The problem has been fixed in the code and the fix will be> >> released with next version.> >=20> > This brings up a related question:> >=20> > When might we expect this "next version" to become available?> >=20> > Regards,> > Kenneth Grome> > WebDNA Solutions> > http://www.webdnasolutions.com> > Web Database Systems and Linux Server Administration> >=20> >=20> >=20> > ---------------------------------------------------------> > This message is sent to you because you are subscribed to> > the mailing list talk@webdna.us> > To unsubscribe, E-mail to: talk-leave@webdna.us> > archives: http://www.webdna.us/page.dna?numero=3D55> > Bug Reporting: support@webdna.us>>> From: Terry Wilson > Content-Type: text/plain;> charset=us-ascii> Content-Transfer-Encoding: quoted-printable> Date: Fri, 7 Jul 2017 08:13:09 -0700> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> Message-Id: <846EA092-F4C2-4D1F-98C5-FD472F24CD9E@terryfic.com>> To: talk@webdna.us> Reply-To: >> What is the special format that applies to Webdna code?>> Sent from my iPad>> > On Jul 7, 2017, at 7:20 AM, christophe.billiottet@webdna.us wrote:> >=20> > This is due to massive and broad attacks that started last month on our> si=> de too. The attack targets some specific php flaws by scanning the servers> w=> ith specially formatted URLs and one of them also affects webdna. The> proble=> m has been fixed in the code and the fix will be released with next> version.=>> >=20> > - chris> >=20> >=20> >=20> >> On Jul 7, 2017, at 15:36, mainlighting . > wrote:> >>=20> >> On WebDNA 8 on Centos the site has become unavailable several times in> th=> e last few days. In roughly the timeframe when this happens, messages like> t=> he following appear in the 'messages' log:> >>=20> >> Error in `WebCatalog': free(): invalid next size (normal):> 0x00007fe34c03=> bea0> >> *** Error in `WebCatalog': double free or corruption (out):> 0x00007f00c40=> 1d780 ***> >>=20> >> Is this reflecting an out of memory condition or some other issue?> >> --------------------------------------------------------- This message> is=> sent to you because you are subscribed to the mailing list talk@webdna.us> T=> o unsubscribe, E-mail to: talk-leave@webdna.us archives:> http://www.webdna.u=> s/page.dna?numero=3D55 Bug Reporting: support@webdna.us> >=20> > ---------------------------------------------------------> > This message is sent to you because you are subscribed to> > the mailing list talk@webdna.us> > To unsubscribe, E-mail to: talk-leave@webdna.us> > archives: http://www.webdna.us/page.dna?numero=3D55> > Bug Reporting: support@webdna.us>>> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> To: talk@webdna.us> From: Kenneth Grome > Message-ID: <7b1c9c19-2a6a-cbb6-3f45-9a3b32389ef0@webdnasolutions.com>> Date: Fri, 7 Jul 2017 10:16:51 -0500> Content-Type: text/plain; charset=utf-8> Content-Transfer-Encoding: quoted-printable> Reply-To: >> >>> This is due to massive and broad attacks that started last=20> >>> month. The problem has been fixed in the code and the fix> >>> will be released with next version.> >>=20> >> When might we expect this "next version" to become=20> >> available?> >=20> > We don=E2=80=99t know yet, because we are preparing several new=20> > features to WebDNA. So we don=E2=80=99t know if there will be a minor=20> > release before the major one :-)> >=20> > Maybe two months?>>> I'm somewhat surprised to learn that you knew this problem> existed since last month yet you haven't released a version that> eliminates it.>> Apparently this problem has the potential to cause production> WebDNA severs to fail, produce errors, or become unresponsive.> This seems like an urgent and critical issue to me.>> Don't you think it would be a good idea to release a version that> eliminates this hacking problem immediately ... and then continue> working on your future version (with the new features) later?>> Regards,> Kenneth Grome> WebDNA Solutions> http://www.webdnasolutions.com> Web Database Systems and Linux Server Administration>> From: christophe.billiottet@webdna.us> Content-Type: text/plain; charset=utf-8> Content-Transfer-Encoding: quoted-printable> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> Date: Fri, 7 Jul 2017 18:45:45 +0300> To: "" > Message-Id: <3718D6CC-8DEE-4A21-85D3-10F01A22EB83@webdna.us>> Reply-To: >> The problem is from 1997 code=E2=80=A6. it has been there for 20 years, => this can wait two more months. Also, the URL that produces it is => completely unatural and exceptional.>> - chris>>> > On Jul 7, 2017, at 18:16, Kenneth Grome => wrote:> >=20> >>>> This is due to massive and broad attacks that started last=20> >>>> month. The problem has been fixed in the code and the fix> >>>> will be released with next version.> >>>=20> >>> When might we expect this "next version" to become=20> >>> available?> >>=20> >> We don=E2=80=99t know yet, because we are preparing several new=20> >> features to WebDNA. So we don=E2=80=99t know if there will be a> minor=20=>> >> release before the major one :-)> >>=20> >> Maybe two months?> >=20> >=20> > I'm somewhat surprised to learn that you knew this problem> > existed since last month yet you haven't released a version that> > eliminates it.> >=20> > Apparently this problem has the potential to cause production> > WebDNA severs to fail, produce errors, or become unresponsive.> > This seems like an urgent and critical issue to me.> >=20> > Don't you think it would be a good idea to release a version that> > eliminates this hacking problem immediately ... and then continue> > working on your future version (with the new features) later?> >=20> > Regards,> > Kenneth Grome> > WebDNA Solutions> > http://www.webdnasolutions.com> > Web Database Systems and Linux Server Administration>>>>>> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> To: talk@webdna.us> From: Kenneth Grome > Message-ID: <844372a0-cbb4-f911-ee65-36ce67b28d80@webdnasolutions.com>> Date: Fri, 7 Jul 2017 10:49:29 -0500> Content-Type: text/plain; charset=utf-8> Content-Transfer-Encoding: quoted-printable> Reply-To: >> So if you provide the URL that produces this problem, we should be> able to use the web server (Apache or other) to filter it out so> that it won't affect our live servers, correct?>> Regards,> Kenneth Grome> WebDNA Solutions> http://www.webdnasolutions.com> Web Database Systems and Linux Server Administration>>>> On 07/07/2017 10:45 AM, christophe.billiottet@webdna.us wrote:> > The problem is from 1997 code=E2=80=A6. it has been there for 20 years,=> this can wait two more months. Also, the URL that produces it is complet=> ely unatural and exceptional.> >=20> > - chris> >=20> >=20> >> On Jul 7, 2017, at 18:16, Kenneth Grome wrot=> e:> >>> >>>>> This is due to massive and broad attacks that started last=20> >>>>> month. The problem has been fixed in the code and the fix> >>>>> will be released with next version.> >>>>> >>>> When might we expect this "next version" to become=20> >>>> available?> >>>> >>> We don=E2=80=99t know yet, because we are preparing several new=20> >>> features to WebDNA. So we don=E2=80=99t know if there will be a minor=> =20> >>> release before the major one :-)> >>>> >>> Maybe two months?> >>> >>> >> I'm somewhat surprised to learn that you knew this problem> >> existed since last month yet you haven't released a version that> >> eliminates it.> >>> >> Apparently this problem has the potential to cause production> >> WebDNA severs to fail, produce errors, or become unresponsive.> >> This seems like an urgent and critical issue to me.> >>> >> Don't you think it would be a good idea to release a version that> >> eliminates this hacking problem immediately ... and then continue> >> working on your future version (with the new features) later?> >>> >> Regards,> >> Kenneth Grome> >> WebDNA Solutions> >> http://www.webdnasolutions.com> >> Web Database Systems and Linux Server Administration> >=20> >=20> >=20> >=20> > ---------------------------------------------------------> > This message is sent to you because you are subscribed to> > the mailing list talk@webdna.us> > To unsubscribe, E-mail to: talk-leave@webdna.us> > archives: http://www.webdna.us/page.dna?numero=3D55> > Bug Reporting: support@webdna.us> >=20>> From: christophe.billiottet@webdna.us> Content-Type: text/plain; charset=us-ascii> Content-Transfer-Encoding: 7bit> Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings> Date: Fri, 7 Jul 2017 19:00:47 +0300> To: "" > Message-Id: <49B18D31-297F-4B1E-9DB3-8D15E9860218@webdna.us>> Reply-To: >> correct :-)>>> > On Jul 7, 2017, at 18:49, Kenneth Grome wrote:> >> > So if you provide the URL that produces this problem, we should be> > able to use the web server (Apache or other) to filter it out so> > that it won't affect our live servers, correct?> >> > Regards,> > Kenneth Grome> > WebDNA Solutions> > http://www.webdnasolutions.com> > Web Database Systems and Linux Server Administration>>>>>>---------------------------------------------------------This message is sent to you because you are subscribed tothe mailing list talk@webdna.usTo unsubscribe, E-mail to: talk-leave@webdna.usarchives: http://www.webdna.us/page.dna?numero=3D55Bug Reporting: support@webdna.us--001a1141f40cfadea60554344510Content-Type: text/html; charset="UTF-8"Content-Transfer-Encoding: quoted-printable

"The attack targets =some specific php flaws by scanning the =3D
servers with specially formatted URL=s and one of them also affects =3D
webdna."

Thanks,= Chris. I do see targeted php oriented URLs, but wonder if you could give s=ome clue as to the specific one that is impacting WebDNA so that we can fil=ter against it. If you prefer to answer in private, that is fine.

On Sat, =Jul 8, 2017 at 1:00 AM, <talk@webdna.us> wrote:
From: "mainlighting ." <mainlighting@gmail.com>
Date: Fri, 7 Jul 2017 08:36:20 -0400
Message-ID: <CANfEnoDOZtyfxbCEbf4ZuRPz3RKtXG0U1=3DaqR++vGnEZGO==3De4g@mail.gmail.com>Subject: [WebDNA] site becomes unavailable and WebCatalog warnings
To: talk@webdna.us
Content-Type: multipart/alternative; boundary=3D"94eb2c0590eefd3d=630553b97a47"
Reply-To: <talk@webdna.us>

--94eb2c0590eefd3d630553b97a47
Content-Type: text/plain; charset=3D"UTF-8"

On WebDNA 8 on Centos the site has become unavailable several times in the<=br>last few days. In roughly the timeframe when this happens, messages likethe following appear in the 'messages' log:

=C2=A0Error in `WebCatalog': free(): invalid next size (normal):
0x00007fe34c03bea0
*** Error in `WebCatalog': double free or corruption (out):
0x00007f00c401d780 ***

Is this reflecting an out of memory condition or some other issue?

--94eb2c0590eefd3d630553b97a47
Content-Type: text/html; charset=3D"UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D3D"ltr">On WebDNA 8 on Centos the site has becom=e unavailable seve=3D
ral times in the last few days. In roughly the timeframe when this happens,==3D
=C2=A0messages like the following appear in the 'messages' =log:<div><br>=3D
</div><div><div>=3DC2=3DA0Error in `WebCatalog': =free(): invalid next size =3D
(normal): 0x00007fe34c03bea0</div><div>*** Error in `WebCa=talog': doubl=3D
e free or corruption (out): 0x00007f00c401d780 ***</div></div>&=lt;div><br></di=3D
v><div>Is this reflecting an out of memory condition or some other= issue?</=3D
div></div>

--94eb2c0590eefd3d630553b97a47--

---------------------------------------------------------
This message is sent to you because you are subscribed to
the mailing list talk@webdna.us
To unsubscribe, E-mail to: talk-lea=ve@webdna.us
archives: http://www.webdna.us/page.dna?numero=3D3D5=5
Bug Reporting: support@webdna.usFrom: christophe.billi=ottet@webdna.us
Content-Type: text/plain; charset=3Dus-ascii
Content-Transfer-Encoding: quoted-printable
Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings
Date: Fri, 7 Jul 2017 17:20:10 +0300
To: "<talk@webdna.us>"=; <talk@webdna.us>
Message-Id: <2FCC7B80-86E5-4329-BB0D-01AAB0455934@webdna.us>
Reply-To: <talk@webdna.us>

This is due to massive and broad attacks that started last month on our =3D=
side too. The attack targets some specific php flaws by scanning the =3Dservers with specially formatted URLs and one of them also affects =3D
webdna. The problem has been fixed in the code and the fix will be =3D
released with next version.

- chris

> On Jul 7, 2017, at 15:36, mainlighting . <mainlighting@gmail.com> =3D
wrote:
>=3D20
> On WebDNA 8 on Centos the site has become unavailable several times in= =3D
the last few days. In roughly the timeframe when this happens, messages =3D=
like the following appear in the 'messages' log:
>=3D20
>=C2=A0 Error in `WebCatalog': free(): invalid next size (normal): ==3D
0x00007fe34c03bea0
> *** Error in `WebCatalog': double free or corruption (out): =3D0x00007f00c401d780 ***
>=3D20
> Is this reflecting an out of memory condition or some other issue?
> --------------------------------------------------------- This me=ssage =3D
is sent to you because you are subscribed to the mailing list =3D
talk@webdna.us To unsubscribe, E-mail= to: talk-leave@webdna.us archi=ves: =3D
http://www.webdna.us/page.dna?numero=3D3D55 Bug =Reporting: =3D
support@webdna.us

Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings<=br>To: talk@webdna.us
From: Kenneth Grome <ken@webd=nasolutions.com>
Message-ID: <0f677f43-d467-9db6-9bcb-e2952f555fdd@webdnasolutions.=com>
Date: Fri, 7 Jul 2017 09:55:28 -0500
Content-Type: text/plain; charset=3Dutf-8
Content-Transfer-Encoding: 7bit
Reply-To: <talk@webdna.us>

> The problem has been fixed in the code and the fix will be
> released with next version.

This brings up a related question:

When might we expect this "next version" to become available?

Regards,
Kenneth Grome
WebDNA Solutions
http://www.webdnasolutions.com
Web Database Systems and Linux Server Administration

From: christophe.bil=liottet@webdna.us
Content-Type: text/plain; charset=3Dutf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings
Date: Fri, 7 Jul 2017 18:05:12 +0300
To: "<talk@webdna.us>"=; <talk@webdna.us>
Message-Id: <D5011520-D5E0-4CE4-9073-DD53EA04FE5A@webdna.us>
Reply-To: <talk@webdna.us>

We don=3DE2=3D80=3D99t know yet, because we are preparing several new featu=res =3D
to WebDNA. So we don=3DE2=3D80=3D99t know if there will be a minor release ==3D
before the major one :-)

Maybe two months?

- chris

> On Jul 7, 2017, at 17:55, Kenneth Grome <ken@webdnasolutions.com> =3D
wrote:
>=3D20
>> The problem has been fixed in the code and the fix will be
>> released with next version.
>=3D20
> This brings up a related question:
>=3D20
> When might we expect this "next version" to become available=?
>=3D20
> Regards,
> Kenneth Grome
> WebDNA Solutions
> http://www.webdnasolutions.com
> Web Database Systems and Linux Server Administration
>=3D20
>=3D20
>=3D20
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list talk@webdna.us<=br>> To unsubscribe, E-mail to: tal=k-leave@webdna.us
> archives: http://www.webdna.us/page.dna?numero==3D3D55
> Bug Reporting: support@webdna.us<=/a>

From: Terry Wilson <terry@terr=yfic.com>
Content-Type: text/plain;
=C2=A0 =C2=A0 =C2=A0 =C2=A0 charset=3Dus-ascii
Content-Transfer-Encoding: quoted-printable
Date: Fri, 7 Jul 2017 08:13:09 -0700
Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings
Message-Id: <846EA092-F4C2-4D1F-98C5-FD472F24CD9E@terryfic.com>To: talk@webdna.us
Reply-To: <talk@webdna.us>

What is the special format=C2=A0 that applies to Webdna code?

Sent from my iPad

> On Jul 7, 2017, at 7:20 AM, christophe.billiottet@webdna.us wrote:
>=3D20
> This is due to massive and broad attacks that started last month on ou=r si=3D
de too. The attack targets some specific php flaws by scanning the servers =w=3D
ith specially formatted URLs and one of them also affects webdna. The probl=e=3D
m has been fixed in the code and the fix will be released with next version=..=3D

>=3D20
> - chris
>=3D20
>=3D20
>=3D20
>> On Jul 7, 2017, at 15:36, mainlighting . <mainlighting@gmail.com> wrote:
>>=3D20
>> On WebDNA 8 on Centos the site has become unavailable several time=s in th=3D
e last few days. In roughly the timeframe when this happens, messages like =t=3D
he following appear in the 'messages' log:
>>=3D20
>> Error in `WebCatalog': free(): invalid next size (normal): 0x0=0007fe34c03=3D
bea0
>> *** Error in `WebCatalog': double free or corruption (out): 0x=00007f00c40=3D
1d780 ***
>>=3D20
>> Is this reflecting an out of memory condition or some other issue?=
>> --------------------------------------------------------- Thi=s message is=3D
=C2=A0sent to you because you are subscribed to the mailing list talk@webdna.us T=3D
o unsubscribe, E-mail to: talk-leav=e@webdna.us archives: http://www.webdna.u=3D
s/page.dna?numero=3D3D55 Bug Reporting: support@webdna.us
>=3D20
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list talk@webdna.us<=br>> To unsubscribe, E-mail to: tal=k-leave@webdna.us
> archives: http://www.webdna.us/page.dna?numero==3D3D55
> Bug Reporting: support@webdna.us<=/a>

Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings<=br>To: talk@webdna.us
From: Kenneth Grome <ken@webd=nasolutions.com>
Message-ID: <7b1c9c19-2a6a-cbb6-3f45-9a3b32389ef0@webdnasolutions.=com>
Date: Fri, 7 Jul 2017 10:16:51 -0500
Content-Type: text/plain; charset=3Dutf-8
Content-Transfer-Encoding: quoted-printable
Reply-To: <talk@webdna.us>

>>> This is due to massive and broad attacks that started last=3D2=0
>>> month.=C2=A0 The problem has been fixed in the code and the fi=x
>>> will be released with next version.
>>=3D20
>> When might we expect this "next version" to become=3D20<=br>>> available?
>=3D20
> We don=3DE2=3D80=3D99t know yet, because we are preparing several new==3D20
> features to WebDNA. So we don=3DE2=3D80=3D99t know if there will be a =minor=3D20
> release before the major one :-)
>=3D20
> Maybe two months?

I'm somewhat surprised to learn that you knew this problem
existed since last month yet you haven't released a version that
eliminates it.

Apparently this problem has the potential to cause production
WebDNA severs to fail, produce errors, or become unresponsive.
This seems like an urgent and critical issue to me.

Don't you think it would be a good idea to release a version that
eliminates this hacking problem immediately ... and then continue
working on your future version (with the new features) later?

Regards,
Kenneth Grome
WebDNA Solutions
http://www.webdnasolutions.com
Web Database Systems and Linux Server Administration

From: christophe.bil=liottet@webdna.us
Content-Type: text/plain; charset=3Dutf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings
Date: Fri, 7 Jul 2017 18:45:45 +0300
To: "<talk@webdna.us>"=; <talk@webdna.us>
Message-Id: <3718D6CC-8DEE-4A21-85D3-10F01A22EB83@webdna.us>
Reply-To: <talk@webdna.us>

The problem is from 1997 code=3DE2=3D80=3DA6. it has been there for 20 year=s, =3D
this can wait two more months. Also, the URL that produces it is =3D
completely unatural and exceptional.

- chris

> On Jul 7, 2017, at 18:16, Kenneth Grome <ken@webdnasolutions.com> =3D
wrote:
>=3D20
>>>> This is due to massive and broad attacks that started last==3D20
>>>> month.=C2=A0 The problem has been fixed in the code and th=e fix
>>>> will be released with next version.
>>>=3D20
>>> When might we expect this "next version" to become==3D20
>>> available?
>>=3D20
>> We don=3DE2=3D80=3D99t know yet, because we are preparing several =new=3D20
>> features to WebDNA. So we don=3DE2=3D80=3D99t know if there will b=e a minor=3D20=3D

>> release before the major one :-)
>>=3D20
>> Maybe two months?
>=3D20
>=3D20
> I'm somewhat surprised to learn that you knew this problem
> existed since last month yet you haven't released a version that> eliminates it.
>=3D20
> Apparently this problem has the potential to cause production
> WebDNA severs to fail, produce errors, or become unresponsive.
> This seems like an urgent and critical issue to me.
>=3D20
> Don't you think it would be a good idea to release a version that<=br>> eliminates this hacking problem immediately ... and then continue
> working on your future version (with the new features) later?
>=3D20
> Regards,
> Kenneth Grome
> WebDNA Solutions
> http://www.webdnasolutions.com
> Web Database Systems and Linux Server Administration

Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings<=br>To: talk@webdna.us
From: Kenneth Grome <ken@webd=nasolutions.com>
Message-ID: <844372a0-cbb4-f911-ee65-36ce67b28d80@webdnasolutions.=com>
Date: Fri, 7 Jul 2017 10:49:29 -0500
Content-Type: text/plain; charset=3Dutf-8
Content-Transfer-Encoding: quoted-printable
Reply-To: <talk@webdna.us>

So if you provide the URL that produces this problem, we should be
able to use the web server (Apache or other) to filter it out so
that it won't affect our live servers, correct?

Regards,
Kenneth Grome
WebDNA Solutions
http://www.webdnasolutions.com
Web Database Systems and Linux Server Administration

On 07/07/2017 10:45 AM, =christophe.billiottet@webdna.us wrote:
> The problem is from 1997 code=3DE2=3D80=3DA6. it has been there for 20= years,=3D
=C2=A0this can wait two more months. Also, the URL that produces it is comp=let=3D
ely unatural and exceptional.
>=3D20
> - chris
>=3D20
>=3D20
>> On Jul 7, 2017, at 18:16, Kenneth Grome <ken@webdnasolutions.com> wrot=3D
e:
>>
>>>>> This is due to massive and broad attacks that started =last=3D20
>>>>> month.=C2=A0 The problem has been fixed in the code an=d the fix
>>>>> will be released with next version.
>>>>
>>>> When might we expect this "next version" to beco=me=3D20
>>>> available?
>>>
>>> We don=3DE2=3D80=3D99t know yet, because we are preparing seve=ral new=3D20
>>> features to WebDNA. So we don=3DE2=3D80=3D99t know if there wi=ll be a minor=3D
=3D20
>>> release before the major one :-)
>>>
>>> Maybe two months?
>>
>>
>> I'm somewhat surprised to learn that you knew this problem
>> existed since last month yet you haven't released a version th=at
>> eliminates it.
>>
>> Apparently this problem has the potential to cause production
>> WebDNA severs to fail, produce errors, or become unresponsive.
>> This seems like an urgent and critical issue to me.
>>
>> Don't you think it would be a good idea to release a version t=hat
>> eliminates this hacking problem immediately ... and then continue<=br>>> working on your future version (with the new features) later?
>>
>> Regards,
>> Kenneth Grome
>> WebDNA Solutions
>> http://www.webdnasolutions.com
>> Web Database Systems and Linux Server Administration
>=3D20
>=3D20
>=3D20
>=3D20
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list talk@webdna.us<=br>> To unsubscribe, E-mail to: tal=k-leave@webdna.us
> archives: http://www.webdna.us/page.dna?numero==3D3D55
> Bug Reporting: support@webdna.us<=/a>
>=3D20

From: christophe.bil=liottet@webdna.us
Content-Type: text/plain; charset=3Dus-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [WebDNA] site becomes unavailable and WebCatalog warnings
Date: Fri, 7 Jul 2017 19:00:47 +0300
To: "<talk@webdna.us>"=; <talk@webdna.us>
Message-Id: <49B18D31-297F-4B1E-9DB3-8D15E9860218@webdna.us>
Reply-To: <talk@webdna.us>

correct :-)

> On Jul 7, 2017, at 18:49, Kenneth Grome <ken@webdnasolutions.com> wrote:
>
> So if you provide the URL that produces this problem, we should be
> able to use the web server (Apache or other) to filter it out so
> that it won't affect our live servers, correct?
>
> Regards,
> Kenneth Grome
> WebDNA Solutions
> http://www.webdnasolutions.com
> Web Database Systems and Linux Server Administration

--001a1141f40cfadea60554344510--. Associated Messages, from the most recent to the oldest:

Re: [WebDNA] Digest from talk@webdna.us (Brian Harrington 2018)
Re: [WebDNA] Digest from talk@webdna.us (Donovan Brooke 2015)

1241--001a1141f40cfadea60554344510Content-Type: text/plain; charset="UTF-8""The attack targets some specific php flaws by scanning the =servers with specially formatted URLs and one of them also affects =webdna."Thanks, Chris. I do see targeted php oriented URLs, but wonder if you couldgive some clue as to the specific one that is impacting WebDNA so that wecan filter against it. If you prefer to answer in private, that is fine.On Sat, Jul 8, 2017 at 1:00 AM, wrote:> From: "mainlighting ." > Date: Fri, 7 Jul 2017 08:36:20 -0400> Message-ID: gmail.com>> Subject: [WebDNA] site becomes unavailable and WebCatalog warnings> To: talk@webdna.us> Content-Type: multipart/alternative; boundary="> 94eb2c0590eefd3d630553b97a47"> Reply-To: >> --94eb2c0590eefd3d630553b97a47> Content-Type: text/plain; charset="UTF-8">> On WebDNA 8 on Centos the site has become unavailable several times in the> last few days. In roughly the timeframe when this happens, messages like> the following appear in the 'messages' log:>> Error in `WebCatalog': free(): invalid next size (normal):> 0x00007fe34c03bea0> *** Error in `WebCatalog': double free or corruption (out):> 0x00007f00c401d780 ***>> Is this reflecting an out of memory condition or some other issue?>> --94eb2c0590eefd3d630553b97a47> Content-Type: text/html; charset="UTF-8"> Content-Transfer-Encoding: quoted-printable>>

On WebDNA 8 on Centos the site has become unavailable> seve=> ral times in the last few days. In roughly the timeframe when this> happens,=> messages like the following appear in the 'messages'> log:

=C2=A0Error in `WebCatalog': free(): invalid next size> => (normal): 0x00007fe34c03bea0

*** Error in `WebCatalog':> doubl=> e free or corruption (out): 0x00007f00c401d780> ***

Is this reflecting an out of memory condition or some other> issue? div>

"The attack targets =some specific php flaws by scanning the =3D
servers with specially formatted URL=s and one of them also affects =3D
webdna."

--001a1141f40cfadea60554344510--. "mainlighting ."

DOWNLOAD WEBDNA NOW!

[WebDNA] Re: Digest from talk@webdna.us

2017

Top Articles:

Related Readings: