Apache/2.0.45 released to counter Denial of Service vulnerability
3rd April, 2003
The Apache Project have announced that versions of Apache/2.0 up to and including Apache/2.0.44 are vulnerable to a denial of service attack. To fix the problem, the project has released Apache/2.0.45 which is available for download.
People running Apache servers should note that the vulnerability only applies to Apache/2.0 and not Apache/1.3. In this respect the bug is not a big threat to the stability of the web - it is a denial of service rather than a remote compromise and the number of sites running Apache/2.0 is relatively small. Almost 99% of Apache sites are on Apache/1.3 or earlier.
Posted by Mike Prettejohn in Security
Related News
Outages Continue at SCO
15 Dec 2003
Performance, Security
The web site outages continue at SCO, which was unreachable for much of the weekend and is currently experiencing its fourth incident of extended downtime since it came under a distributed denial of service (DDoS) attack last Thursday. A dynamically...
View full post
CAIDA: Data Confirms DDoS at SCO
12 Dec 2003
Performance, Security
A data-based analysis of SCO's web site by the Cooperative Association for Internet Data Analysis (CAIDA) has found that this week's outage was related to a distributed denial of service attack (DDoS). Data collected by CAIDA's Network Telescope indicates...
View full post
IE Flaw Allows Spoofed URLs
12 Dec 2003
Security
A newly publicized bug in Internet Explorer shows that it is possible to craft html which causes Internet Explorer to display an incorrect URL in its address and status bars, making it easier for Internet fraudsters to trick web users into divulging...
View full post