Apache urges update ahead of DoS risk alert
Do something now! We'll tell you why later
Posted in Security, 7th April 2003 11:44 GMT
Free whitepaper – Reshaping IT
The Apache Software Foundation has updated its popular Web server software to guard against a serious, as yet unspecified, denial of service risk.
Users of version 2.x of the Web server on all platforms are urged to upgrade to version 2.0.45. Sites running 1.x aren't affected.
Details of the problem, discovered by security outfit iDefense, are to be made available later today.
An advisory, published by BugTraq, is to be made available at this time. According to the limited information so far published, the flaw is yet to be exploited.
Information of the upgrade is available from the Apache Software Foundation here. Upgrading to 2.0.45 will fail to help the small number of users running Apache on OS/2.
Nonetheless the fix is deemed too important to wait resolution of the issue in these limited cases.
Version 2.0.45 is also designed to address a number of less bugs, as explained in greater detail here. ®
Related Stories
All bugs are created equal
Apache fixes scripting flaw
Slapper worm spanks Apache servers
Apache admins screwed by premature vuln report
Free whitepaper – Ensuring service assurance in the new normal
The Register Guide to managing spam
The Evolving Security Landscape
The Register Guide to Extended Validation
The Register Guide to Web Security
Linux on the Desktop
