Experts Warn of Major Hole in Apache Web Server
Posted by admin on Tuesday, June 18, 2002 - 11:27 PM |
|
|
admin writes "A security flaw in the popular Apache Web server could allow a malicious hacker to launch a denial of service attack or even take over a system on which the software is running, the Apache Software Foundation warned in an advisory on Monday.
"The flaw relates to the way the Web server parses uploaded data, and can cause the software to misinterpret the size of incoming chunks of data. It can be exploited by sending a carefully crafted request to the server, said the Foundation, which manages development of the open-source Apache products.
This affects all versions of Apache 1.3 and Apache 2 up to 2.0.36.
The official advisory is here.
Check on the latest developments at httpd.apache.org.
The Apache Software Foundation has since released versions 1.3.26 and 2.0.39 to address and fix this issue. These version are available for download from httpd.apache.org."
Note: The Apache Software Foundation has since released versions 1.3.26 and 2.0.39 to address and fix this issue. These version are available for download from httpd.apache.org.
|
| |
 |
Related links |
 |
|
