mod_blowchunks 1.3 www =2

Apache module for rejecting and logging chunked requests
Maintained by: apache@FreeBSD.org
Port Added: 22 Jun 2002 23:56:15

---

---

This is an Apache module that rejects and logs chunked requests before
(eventually vulnerable) chunking routines can read them.

WWW: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392

Author: Cris Bailiff <c.bailiff+blowchunks@devsecure.com>

- Anders Nordby <anders@FreeBSD.org>

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

Required To Build: www/apache13, www/apache13
Required To Run: www/apache13, www/apache13

---

To install the port: cd /usr/ports/www/mod_blowchunks/ && make install clean
To add the package: pkg_add -r mod_blowchunks

---

Configuration Options

     No options to configure

---

Master Sites:

ftp://ftp.nuug.no/pub/anders/distfiles/

http://atreides.freenix.no/~anders/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

SHA256ify

Approved by: krion@

- Assign maintainership to freshly created apache@ mailing list

SIZEify.

Use the new Apache bits from bsd.port.mk.

Submitted by:   dinoex

KATO mega patch

- ECHO -> ECHO_MSG

For some ports:
- pre-fetch -> pre-everything
- ECHO -> ECHO_CMD

PR:             ports/56820-56858
Submitted by:   KATO Tsuguru <tkato@prontomail.com>

De-pkg-comment.

support appache13-modssl by defining APACHE_PORT in /etc/make.conf
others variants of the apache ports can be used too.

Add mod_blowchunks, an Apache module to reject and log chunked requests.

Useful for those that want to log attempts to exploit that recent Apache
vulnerability, or who need or want to use their current Apache version
for some reason.

11 vulnerabilities affecting 26 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities