The Register®

Biting the hand that feeds IT

Apache urges update ahead of DoS risk alert

Do something now! We'll tell you why later

By John LeydenGet more from this author

Posted in Security, 7th April 2003 11:44 GMT

The Apache Software Foundation has updated its popular Web server software to guard against a serious, as yet unspecified, denial of service risk.

Users of version 2.x of the Web server on all platforms are urged to upgrade to version 2.0.45. Sites running 1.x aren't affected.

Details of the problem, discovered by security outfit iDefense, are to be made available later today.

An advisory, published by BugTraq, is to be made available at this time. According to the limited information so far published, the flaw is yet to be exploited.

Information of the upgrade is available from the Apache Software Foundation here. Upgrading to 2.0.45 will fail to help the small number of users running Apache on OS/2.

Nonetheless the fix is deemed too important to wait resolution of the issue in these limited cases.

Version 2.0.45 is also designed to address a number of less bugs, as explained in greater detail here. ®

Related Stories

All bugs are created equal
Apache fixes scripting flaw
Slapper worm spanks Apache servers
Apache admins screwed by premature vuln report

Free Report - "High-level Best Practices in Software Configuration Management: How to deploy SCM software to the maximum advantage"

The ICA's Reg-freetard smackdown

Crossed swords become toothy grins

Unfriendly ghosts

The expense of defence

Don’t Miss

Warning: roadworksNetbooks and Mini-Laptops

Buyer's Guide They're little and we love 'em. But which ones are best?

SSL covers security embarrassments with EV figleaf

Whitepaper Helping you know scammers from Adam

Emails show journalist rigged Wikipedia's naked shorts

Overstock's Byrne vindicated amidst economic meltdown

Warning StopYours truly, angry mob

Book extract Bringing Nothing To The Party: Cleaning up the net, one satirical vigilante page at a time