ExtraTorrent.cc - The Largest Bittorent SystemLogin   |   Register
Latest Articles
Most searched
Hot torrents
First Cams
View Torrent Info: Moana 2016 HD-TS XviD AC3-CPG
View Torrent Info: Shut.In.2016.HDCAM.x264 - Lesnar
View Torrent Info: Fantastic Beast and Where To Find Them 2016 HD-TS x264-CPG
View Torrent Info: Arrival 2016 HDCAM x264 AC3-TuttyFruity
Hot torrents
XVID DIVX
View Torrent Info: Rupture.2016.HDRip.XviD.AC3-EVO
View Torrent Info: Miss.Peregrines.Home.for.Peculiar.Children.2016.BRRip.XviD.AC3-ETRG
View Torrent Info: Storks.2016.BRRip.XViD-ETRG
View Torrent Info: End.of.a.Gun.2016.BRRip.XviD.AC3-EVO
Hot torrents
H264 X264
View Torrent Info: Sully.2016.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Storks.2016.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Eliminators.2016.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Morgan.2016.720p.BRRip.x264.AAC-ETRG
Hot torrents
Television
View Torrent Info: UFC The Ultimate Fighter 24 Finale HDTV x264-Ebi [TJET]
View Torrent Info: Bellator 166 Dantas vs Warren 2 HDTV x264-Ebi [TJET]
View Torrent Info: Ghost.Adventures.S13E10.Dumas.Brothel.HDTV.x264-SPASM
View Torrent Info: Van.Helsing.S01E12.WEB-DL.x264-FUM[ettv]
View Torrent Info: Nenu Sailaja (2016)   EXTRAS 720p UNCUT HDRip x264 [Dual Audio] [Hindi DD 2.0 - Telugu 2.0] Exclusive By -=!Dr.STAR!=-
View Torrent Info: Morgan (2016) 1080p BDRip DUAL DD 5.1 x264 ~ PyZ
View Torrent Info: Kahaani 2 (2016) Hindi 1CD Desi Cam x264 AAC - Downloadhub
View Torrent Info: Air Bud (1997) 720p HDTVRip x264 Eng Subs [Dual Audio] [Hindi 2.0 - English 5.1] -=!Dr.STAR!=-
30s
Chat
To add new messages please Login or Register for FREE
Warning! Stop Government from Tracking Your Torrenting!
Your IP Address is 54.161.209.240.   Location is United States
Your Internet Provider and Government can track your internet activity! Hide your IP and LOCATION with a VPN
ExtraTorrent strongly recommends using Trust.Zone VPN to anonymize your torrenting. It's FREE!

ExtraTorrent.cc > Articles > Big Hole Found in Apache

Big Hole Found in Apache

Big Hole Found in Apache

Added: Thursday, December 1st, 2011
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
Security experts claim they’ve discovered a yet-to-be-patched vulnerability in the Apache HTTP server. The hole, according to their claims, allows hackers to access protected resources within the internal network. Due to the importance of the issue, Apache developers gathered a conference where they tried to decide how to fix the problem.

linuxtarget.jpg


All you need for “goodnight Vienna” to happen on the internal network is for some rewrite rules not to be configured correctly. Right after this you can see hackers inside the server doing whatever they want. The big hole hits Apache installations operating in reverse proxy mode – that’s what is used for load balancing, caching and many other operations using multiple servers.

The matter is that while trying to set up Apache HTTPD to work as a reverse proxy, server administrators have to use some specialized modules, such as mod_proxy or mod_rewrite. That’s where it happens: if some rules aren’t determined properly, hackers are able to trick servers into performing unauthorized requests in order to access internal resources. In fact, the trouble has been around for a while, because the patch was released to fix something similar last month.

Nevertheless, after security experts reviewed the patch in question, they realized that it can be easily bypassed thanks to a bug in the procedure for Uniform Resource Identifier scheme stripping. In other words, you have to clearly understand what you are doing, since the fault was something to do with the part of Uniform Resource Identifier coming before the colon. So, if you haven’t mastered your colon, it can become a problem with your Apache server configuration.

As for Apache, they’ve had a discussion about the outlined issue and the problem was allocated to have a look at it. Today the developers aren’t sure what will be better to do with the discovered vulnerability – either to strengthen the earlier released patch in the server code so that it could reject requests of this type or make up something a bit heavier. The reason why they can’t agree on details is the suggestion made by some experts who believe that tinkering with one branch of the code may also have negative consequences. For example, this move can lead to opening another hole somewhere else.


By:
SaM
December 1st,2011

Posted by: 
SaM

Date:  Thursday, December 1st, 2011



Comments (2) (please add your comment »)

1
posted by Turtle (2011-12-02 00:04:40)
D4T4 avatar"Big Hole Found in Apache". John Wayne says "It's a set up"........

2
posted by (2011-12-02 22:11:02)
gahn81 avatarThere is also a big hole in our government!!!!!!



Articles Search
Most Popular Stories
Articles Categories
Articles Tags


Home - Browse Torrents - Upload Torrent - Stat - Forum - FAQ - Login
ExtraTorrent.cc is in compliance with copyrights
BitCoin: 12DiyqsWhENahDzdhdYsRrCw8FPQVcCkcm
Can't load ExtraTorrent? Try our official mirrors: etmirror.com - etproxy.com - extratorrentonline.com - extratorrentlive.com
2006-2016 ExtraTorrent.cc2