httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dale <st...@colony.net>
Subject Re: Does Apache has security problems?
Date Mon, 24 Jun 2002 15:26:23 GMT
Hello,

What versions of Apache does this affect?

Thanks

Dale

On Mon, 24 Jun 2002 06:03:03 +0300
  "Octavian Rasnita" <orasnita@home.ro> wrote:
> Hi all,
> 
> Here is a message I have received from another list.
> Do you know something about this?
> 
> Thanks.
> 
> There is a major vulnerability with Apache.  From what I 
> heard today
> a buffer overflow can be caused by a hacker allowing memory 
> to be addressed
> directly allowing an attacker to execute code of there 
> choice. This Apache
> software is used on aprox 56 percent of net servers and 
> routers including
> UNIX and zenix.  A U.S. company discovered this and told the 
> public before
> telling the developers.  A fix was released but did not 
> address this
> problem.  The exploitation code is freely available for 
> download allowing
> hackers to create worms that make code red look safe  by 
> comparison.  It is
> of concern as many routers also use this software.
> 
> If you wish to hear the article concerning this development 
> go to
> http://www.abc.net.au/newsradio
> and look for the netnews link the article
> will be available on audio on demand either using real 
> player or windows
> media player.  I listen to the netnews program every Sunday 
> at 12 pm
> Australian eastern standard time.  You can by clicking on 
> the listen to us
> link and on the next page either the real audio link or the 
> media player
> link.  Just thought you should know if any of you are 
> running Apache server
> /router software either on the windows or zenix /UNIX 
> platforms.
> 
> Teddy Center for the blind: http://teddy.fcc.ro/
> Mail: orasnita@home.ro
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message