Apache urges update ahead of DoS risk alert
Print storyDo something now! We'll tell you why later
Posted in Security, 7th April 2003 11:44 GMT
Free whitepaper – Vulnerability management buyer's checklist
The Apache Software Foundation has updated its popular Web server software to guard against a serious, as yet unspecified, denial of service risk.
Users of version 2.x of the Web server on all platforms are urged to upgrade to version 2.0.45. Sites running 1.x aren't affected.
Details of the problem, discovered by security outfit iDefense, are to be made available later today.
An advisory, published by BugTraq, is to be made available at this time. According to the limited information so far published, the flaw is yet to be exploited.
Information of the upgrade is available from the Apache Software Foundation here. Upgrading to 2.0.45 will fail to help the small number of users running Apache on OS/2.
Nonetheless the fix is deemed too important to wait resolution of the issue in these limited cases.
Version 2.0.45 is also designed to address a number of less bugs, as explained in greater detail here. ®
Related Stories
All bugs are created equal
Apache fixes scripting flaw
Slapper worm spanks Apache servers
Apache admins screwed by premature vuln report
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive