trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Galić <i.ga...@brainsware.org>
Subject Apache httpd CVE
Date Thu, 25 Aug 2011 07:24:24 GMT

Hi folks,

the final draft for the latest Apache httpd CVE is out:

  http://marc.info/?l=apache-httpd-dev&m=131420013520206&w=2

I was wondering how this would affect an Apache httpd sitting behind
ATS so for the sake of science I attacked one of my (test) systems.
The result is: The system is bored and unimpressed.

(I also an tested Apache httpd proxy where I implemented the #1 Mitigation:
Both, backends and frontend are underwhelmed.)

Please be sure to secure your systems. Either as suggested.
Or by running ATS ;)

i

-- 
Igor Galić

Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
GPG: 571B 8B8A FC97 266D BDA3  EF6F 43AD 80A4 5779 3257

Mime
View raw message