« Fingerprinting Port 80 Attacks 2: A look into web server, and web application attack signatures: Part Two. | Main | Macromedia Flash Activex Buffer overflow »

Apache Pre 1.3.24 on win32 allows command execution

Ory Segal from sanctuminc.com has found a
hole in apache versions prior to 1.3.24 which allows
an attacker to execute commands on win 32 versions
of apache. This is considered a serious threat and you
should upgrade immediately. On another note a minor
hole in every version was fixed. I have included that
change log snippet below.

--- Snippet from change log ---

*) [Security] Prevent invalid client hostnames from appearing in
the log file. If a double-reverse lookup was performed (e.g.,
for an "Allow from .my.domain" directive) but failed, then
a spoofed dns-reverse-address could appear in the logs. Now
the numeric address is logged instead. Note that
reverse-address-spoofing did NOT actually allow access
to any protected resource! [Martin Kraemer]

--- end snippet from change log ---

Further information is provided in the links below.

Upgrade to 1.3.24

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!