[luau] Apache exploit circulating, users urged to patch
MonMotha
monmotha at indy.rr.com
Fri Jun 21 12:16:00 PDT 2002
Patching this is important on any system, but remember that on 32 bit
UNIX systems, it's only a DoS attack. So if you have your apache limits
tuned down like I do, limited damage should be possible (I only allow
like 5 children on my server...). However, if you're on Win32 or a 64
bit UNIX platform (UltraSparc, IA-64, x86-64, Alpha, etc) make sure you
patch IMMEDIATELY as there is the possibility of running arbitrary code
as the user apache is running as. This alone is good enough to get a
worm going, and the worm will DoS 32bit systems as it attempts to spread.
--MonMotha
Warren Togami wrote:
> Patch your Apache, and please spread the word to everyone you know that
> is running Apache. This applies to home systems too, even if you think
> your system is "not important".
>
> Red Hat Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-010-26-SC-RH-SV
> Mandrake Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-010-26-SC-MD-SV
> Debian Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-009-26-SC-DB-SV
> Trustix Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-016-26-SC-SV
> SOT Linux Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-015-26-SC-SV-SW
> SuSE Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-19-023-26-SC-SV-SS
>
> http://www.idg.net/ic_877484_1794_9-10000.html
> Apache exploit circulating, users urged to patch
>
> If users have put off patching their Apache Web servers against the
> vulnerability discovered Monday, they should wait no longer, as an
> exploit to attack the security hole is now circulating on the Internet,
> according to Oliver Friedrichs, director of engineering at SecurityFocus
> Inc.
>
> The exploit -- a tool which makes attacking a vulnerability easier --
> was posted to the Bugtraq security email list on Wednesday, Friedrichs
> said.
>
> The existence of an exploit "makes the possibility of a worm that
> targets these (systems) more likely," he said.
> (continued in article)
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
>
More information about the LUAU
mailing list