Thread: Apache HTTP Server update fixes remote DoS issue - Update
View Single Post
  #1   (View Single Post)  
Old 12th May 2011
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default Apache HTTP Server update fixes remote DoS issue - Update
From http://www.h-online.com/security/new...e-1241951.html

Quote:
The Apache HTTP Server developers have released version 2.2.18 of the eponymous web server as a bug fix and security fix release. The security fix is needed because of a vulnerability to a Denial of Service (DoS) attack; the vulnerability is rated as moderate.

A bug in Apache Portable Runtime's (APR) apr_fnmatch() function could be provoked into triggering recursive string matching and thus causing excessive CPU usage and exhausting memory.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote