[LUAU] Apache DoS vulnerability
Jeff Mings
jeffm at lava.net
Thu Aug 25 19:43:41 PDT 2011
Once again, thanks for the heads-up, Julian. :)
On 08/24/2011 10:08 AM, Julian Yap wrote:
> Here is an article:
> http://www.theregister.co.uk/2011/08/24/devastating_apache_vuln/
>
> Try running the proof of concept here:
> https://issues.apache.org/bugzilla/show_bug.cgi?id=51714
>
> I ran it on some CentOS 5 and 6 (running httpd-2.2.15-5.el6.centos.x86_64) servers which reported no issues. It may be the default way that RHEL/CentOS has the network set up or perhaps does not enable the modules required. I suspect some distributions may be vulnerable with their default set up.
>
> - Julian
> _______________________________________________
> LUAU at lists.freesoftwarehawaii.org mailing list
> http://lists.freesoftwarehawaii.org/listinfo.cgi/luau-freesoftwarehawaii.org
More information about the LUAU
mailing list