Apache Pre 1.3.24 on win32 allows command execution

Ory Segal from sanctuminc.com has found a hole in apache versions prior to 1.3.24 which allows an attacker to execute commands on win 32 versions of apache. This is considered a serious threat and you should upgrade immediately. On another note a minor hole in every version was fixed. I have included...

Fingerprinting Port 80 Attacks 2: A look into web server, and web application attack signatures: Part Two.

Part two of "Fingerprinting port80 attacks". This paper provides information on web application attack forensics that will help you identify what an attacker might be doing. Part two covers attacks that where not mentioned in the first paper. Fingerprinting Port80 Part 2 (TXT) Fingerprinting Port80 Part 2 (HTML)
Looking for something else or having a hard time finding a story? We recently moved things around so please use the search bar on the right!