As part of a deliberate effort to be proactive about security updates, the
Apache Software Foundation on Wednesday released a new version of the
open-source Apache 2.0 HTTP Server to fix two potentially serious
denial-of-service vulnerabilities.
The Foundation, which was burned in
the past when a high-risk exploit was released on security mailing lists
before a patch could be issued, released version 2.0.46 of the server on
Wednesday but is withholding details of the security holes until users can
apply the upgrade.
(Apache 2.0.46 is available for download here).
The ASF said Apache versions 2.0.37
through 2.0.45 can be caused to crash in certain circumstances through
mod_dav and possibly other mechanisms, but no further details would be
provided until Friday, May 30.
Additionally, the Foundation said Apache versions 2.0.40 through 2.0.45
on Unix platforms were found to be vulnerable to a DoS attack on the basic
authentication module. "A bug in the configuration scripts caused the
apr_password_validate() function to be thread-unsafe on platforms with
crypt_r(), including AIX and Linux," Apache explained.
The open source project, which is run by volunteers within the ASF, said
all versions of Apache 2.0 contain the thread-safety problem on platforms
with no crypt_r() and no thread-safe crypt(), such as Mac OS X and possibly
others.
Latest statistics from Netcraft show Apache dominating the Web server
market, with 63 percent, or 25 million sites, well ahead of server products
from Microsoft, Zeus and Sun Microsystems.