Internetnews: Apache Flaws Being Exploited
Nov 15, 2002, 23:30 (8 Talkback[s])
(Other stories by Ryan Naraine)
"The Apache HTTP Server Project has warned that several security
holes in the Apache source are being actively exploited on the
Internet, urging IT managers to urgently upgrade to version 1.3.27
or 2.0.43 or higher.
"It is the second warning from the open-source project, which is
used by more than 60 percent of Web servers on the Net. Because
most of the vulnerable code is shared between the Apache and
Apache-Perl packages, the flaws are shared as well, Apache
"The latest warning, posted on the BugTraq mailing list,
highlights a scoreboard memory segment overwriting vulnerability
that could lead to denial-of-service (DoS) attacks..."