Apache Targeted by Hacker ToolAdded: Tuesday, August 30th, 2011
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
The Apache team of developers and security specialists has been warned of a denial-of-service (DoS) instrument, which was designed to exploit a bug in the program. Apparently, they are in a process of preparing some respond to the tool.
A new dangerous tool called “Apache Killer” was first noticed a week ago in a post to the Full Disclosure security mailing list. However, after a few days, the Apache project found out the vulnerability which the tool in question was exploiting.
The project developers said they were planning to release a fix for Apache 2.0 and 2.2 within the next couple days, which would mean a tricky 48 hours or longer for Apache users. According to the group’s security advisory, the vulnerability of denial of service was discovered in the way the numerous overlapping ranges were handled by Apache. As it was found out, all versions in the 2.0 lines were vulnerable to the attack. In addition, it is pretty likely that the tool is able to hit the no longer supported, but still existing Apache 1.3. This could cause troubles for people using the older version of the project, because that this version won’t be patched. Meanwhile, the advisor claimed that an attack tool was actually circulating in the wild. The developers could also see active use of the tools. The attack could only be done remotely and with a small number of requests was even able to cause a considerable memory and CPU usage on the server.
The most interesting fact is that the bug in question has been around for ever – back in 2007, Michal Zalewski has already brought up the DoS flaw of Apache. In order to protect their users, Apache has already offered a number of workarounds in order to defend Web servers until a patch is available.
August 30th,2011Posted by:
Tuesday, August 30th, 2011
|lol...apache is in danger...|
N thanx SAm for keeping for the article...
Most Popular Stories