Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Security /

Apache exploit circulating, users urged to patch

Today's breaking news
Send to a friendFeedback

Advertisement:

By Sam Costello
IDG News Service, 06/20/02

If users have put off patching their Apache Web servers against the vulnerability discovered Monday, they should wait no longer, as an exploit to attack the security hole is now circulating on the Internet, according to Oliver Friedrichs, director of engineering at SecurityFocus.

The exploit -- a tool which makes attacking a vulnerability easier -- was posted to the Bugtraq security e-mail list on Wednesday, Friedrichs said.

The existence of an exploit "makes the possibility of a worm that targets these (systems) more likely," he said.

Advertisement:

The vulnerability, announced Monday by Internet Security Systems Inc., and then expanded upon by the Apache Software Foundation, could allow an attacker to take control of an affected Web server. Because of a flaw in the way Apache handles uploads, an attacker could send a specially formed request to the server and cause it to deny service to legitimate users or take the system over, both groups said.

More than 60% of the Web servers on the Internet use Apache, according to data from Web server monitoring firm Netcraft.

The CERT Coordination Center, a federally funded computer security body located at Pittsburgh's Carnegie Mellon University, and Internet Security Systems both updated their advisories on the vulnerability after the release of the exploit, urging users to patch their systems.

Despite the presence of an exploit, SecurityFocus "(hasn't) seen increased attack activity" focused at Apache systems, Friedrichs said. SecurityFocus monitors the networks of over 9,000 companies in over 145 countries for security data and then aggregates it to create a picture of global, regional and industry-specific Internet security.

The dearth of attacks isn't surprising to Friedrichs, as there is usually a one- to two-week period between vulnerability announcements and attacks, he said.

Though the exploit released Wednesday only attacks Apache installations running on the OpenBSD operating system, "it's not a monumental task... for someone to modify it (to work with other operating systems)," he said.

Users should patch their systems immediately and check with their vendors for more information, Friedrichs said.

"People... should be making the patching of their Apache servers a high priority," he said.

The IDG News Service is a Network World affiliate.

RELATED LINKS

Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.

Get Copyright Clearance
Request a reprint or permission to use this article.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.