sinc 2004-06-14 I have following entries in my BOA-Log: buffer overrun - read.c, read_header - closing
Could be somebody trying to exploit a recently discovered Apache header vulnerability. For instance: http://www.guninski.com/httpd1.html
malformed request: "CONNECT 82.96.96.3:802 HTTP/1.0"
That's a common one I see too -- people trying to use a HTTP server as a proxy to surf other sites or use your web server to relay spam. Not having a proxy or clamping down with ACLs are your protection. Presumably, BOA logged it as a malformed request because it doesn't support "CONNECT" http proxying.
Marek
