Screaming Penguin

All revs of apache <= 1.3.20 and <= 2.0.37 are vulnerable to the much discussed recent chunked data encoding vulnerability in apache. Now a worm is in the wild that makes use of the vulnerability as disclosed by ISS X-Force (they have taken some heat for the way this was handled, but I say props to them, if its a flaw, finding it and publishing it is a service to us all, no matter what piece of software its in). Anyway, this worm really only affects said apache revs on FreeBSD systems. Even so it will likely cause a lot of traffic for all systems. Upgrade your apache, be aware, etc. Check the linked internetnews.com story for more details.   Worm Exploits Apache Flaw