Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Apache warns Web server admins of DoS attack tool

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 25 Aug 2011 06:13:04 -0500 (CDT)
http://www.computerworld.com/s/article/9219471/Apache_warns_Web_server_admins_of_DoS_attack_tool

By Gregg Keizer
Computerworld
August 24, 2011
Developers of the Apache open-source project today warned users of the popular Web server software that a denial-of-service (DoS) tool is circulating that exploits a bug in the program.
The tool, called "Apache Killer," showed up last Friday in a post to the "Full Disclosure" security mailing list.
Today, the Apache project acknowledged the vulnerability that the attack tool exploits, and said it would release a fix for Apache 2.0 and 2.2 in the next 48 hours.
"A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by Apache," the group said in a security advisory. According to Apache, all versions in the 1.3 and 2.0 lines are vulnerable to attack. 

The group no longer supports the older Apache 1.3.

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Previous By Date Next
Previous By Thread Next

Current thread: