Navigation
User login
Quote
Antoine de Saint-Exupéry
If you want to build a ship, don't drum up the men to gather wood, divide the work and give orders. Instead, teach them to yearn for the vast and endless sea.
Apache chunk encoding Worm in the wild
Tue, 07/02/2002 - 11:15 — charlie.collins
All revs of apache <= 1.3.20 and <= 2.0.37 are vulnerable to the much discussed recent chunked data encoding vulnerability in apache. Now a worm is in the wild that makes use of the vulnerability as disclosed by ISS X-Force (they have taken some heat for the way this was handled, but I say props to them, if its a flaw, finding it and publishing it is a service to us all, no matter what piece of software its in).
Anyway, this worm really only affects said apache revs on FreeBSD systems. Even so it will likely cause a lot of traffic for all systems. Upgrade your apache, be aware, etc.
Check the linked internetnews.com story for more details. Worm Exploits Apache Flaw
This work is licensed under a Creative Commons License.
1998-2008 temple of the screaming penguin
TotSP Search
Community
Popular content
Today's:
All time:
Last viewed:
- Theme for 2008: Apple and Linux "safer, better, and cheaper to operate"
- Yet another MS study predicts MS better: ZDNet
- ext3 "data loss" possible in 2.4.20: news.com
- "I have not heard a report of thousands of people who do not have food and water at the convention center."
- The "Genographic Project" set to trace human origins via DNA
Chatter
18 hours 52 min ago
19 hours 21 min ago
1 day 5 hours ago
1 day 9 hours ago
2 days 48 min ago
3 days 18 hours ago
4 days 9 hours ago
1 week 2 hours ago
1 week 1 day ago
3 weeks 1 day ago