[luau] Apache exploit circulating, users urged to patch

MonMotha monmotha at indy.rr.com
Fri Jun 21 12:16:00 PDT 2002 

Patching this is important on any system, but remember that on 32 bit 
UNIX systems, it's only a DoS attack.  So if you have your apache limits 
tuned down like I do, limited damage should be possible (I only allow 
like 5 children on my server...).  However, if you're on Win32 or a 64 
bit UNIX platform (UltraSparc, IA-64, x86-64, Alpha, etc) make sure you 
patch IMMEDIATELY as there is the possibility of running arbitrary code 
as the user apache is running as.  This alone is good enough to get a 
worm going, and the worm will DoS 32bit systems as it attempts to spread.

--MonMotha

Warren Togami wrote:
> Patch your Apache, and please spread the word to everyone you know that
> is running Apache.  This applies to home systems too, even if you think
> your system is "not important".
> 
> Red Hat Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-010-26-SC-RH-SV
> Mandrake Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-010-26-SC-MD-SV
> Debian Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-009-26-SC-DB-SV
> Trustix Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-016-26-SC-SV
> SOT Linux Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-015-26-SC-SV-SW
> SuSE Apache update
> http://linuxtoday.com/news_story.php3?ltsn=2002-06-19-023-26-SC-SV-SS
> 
> http://www.idg.net/ic_877484_1794_9-10000.html
> Apache exploit circulating, users urged to patch
> 
> If users have put off patching their Apache Web servers against the
> vulnerability discovered Monday, they should wait no longer, as an
> exploit to attack the security hole is now circulating on the Internet,
> according to Oliver Friedrichs, director of engineering at SecurityFocus
> Inc.
> 
> The exploit -- a tool which makes attacking a vulnerability easier --
> was posted to the Bugtraq security email list on Wednesday, Friedrichs
> said.
> 
> The existence of an exploit "makes the possibility of a worm that
> targets these (systems) more likely," he said.
> (continued in article)
> 
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
>

More information about the LUAU mailing list