[TriLUG] UPDATE YOUR APACHE INSTALL (security)

Mike Johnson mike at enoch.org
Thu Jun 20 11:23:27 EDT 2002


Hrm, maybe the caps isn't neccesary, but I wanted to get the attention
of the reader.

Anyways, a bug was recently found in Apache that could possibly be
exploited to gain access to a system.  There is an exploit floating
around that -claims- to work.  There are mixed opinions (based on
emperical data) as to whether or not it actually can gain access.  

Regardless as to the success or failure of this particular exploit, I'd
-strongly- suggest you update your apache installs.  All the major
distobutions have provided fixes, and there's also a new version of
apache posted by the apache folk that also fixes the problem.

I now return you to your regularly scheduled paranoia.

Mike
-- 
"Let the power of Ponch compel you!  Let the power of Ponch compel you!"
   -- Zorak on Space Ghost

GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF  C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020620/b0971ff4/attachment.pgp>


More information about the TriLUG mailing list