I've just started seeing this appearing in our server logs...
/P/2112/FBA73F59E6F7E78CCFF29DD8BDF46ECCAE5B73145E023BFB207C971E835645245C62CA0296DA6CDA4E62613A9C10C0DADBA941D2AD68005E57EFDC84A8ECD0ADC37C0214AD76755E48D6D1BAABF
It goes on and on for a while. In fact that's less than 10% of just one such event and there are many similar events.
I'm suspecting some attempted hack since we have no folder named "/P/" on our server.
Does anyone recognise this?
BTW, the reason I was looking at the logs at that time was that our server had just crashed, and I can't help wondering if it's related.
The server is Apache/2.0.54 (Unix) PHP/4.4.2 mod_ssl/2.0.54 OpenSSL/0.9.7a JRun/4.0
Looks like a buffer overflow shellcode attack. I'd expect that the URL is at least 4096 chars long. The HTTP RFC does not specify a maximum URL length, although there are implicit limitations on most of the major servers, so the attacker may be attempting to cause a buffer overflow.
I'd make sure you've read the release notes for your current web server, and check that there are no outstanding security issues.
What's the source IP? Possible that it's some kind of DoS attack or attempt at a buffer overflow. Can you post the entire line?