Skip to comments.
Apache Exploit Fixed
Slashdot ^
Posted on 06/20/2002 11:22:53 AM PDT by dheretic
Information here
TOPICS: Technical
KEYWORDS: apache; exploit; security
Not bad, eh?
1
posted on
06/20/2002 11:22:54 AM PDT
by
dheretic
To: dheretic
Actually it was fixed in less than 24 hours and it was never an exploit but a remote possibility of a DoS attack using the vunderability. I never actually saw an exploit for the flaw.
2
posted on
06/20/2002 11:28:16 AM PDT
by
toupsie
To: toupsie
Dunno - someone claimed that they opened a ticket on this way back on May 30, although I haven't looked for myself. If that's the case, then three weeks for a patch sounds much less impressive than 24 hours.
To: toupsie
FYI, there are remote _exploits_ out there for all OSes. Gobbles, if you are familiar with him, has released an OpenBSD one and says he has a Linux one also.
4
posted on
06/20/2002 11:49:59 AM PDT
by
sigSEGV
To: toupsie
5
posted on
06/20/2002 11:53:05 AM PDT
by
sigSEGV
To: sigSEGV
compiled his code of two different Uncies and attacked one of my OpenBSD servers running an unpatched version of Apache, no luck. Couldn't exploit it. I read some info and found other people had the same results as me.
6
posted on
06/20/2002 1:38:41 PM PDT
by
toupsie
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson