Apache developers scramble to fix proxy flaw
From http://www.theregister.co.uk/2011/11/24/apache_bug/
Quote:
Apache developers are working on a fix of a flaw in its web server software that creates a possible mechanism to access internal systems.
The zero-day vulnerability only rears its ugly head if reverse proxy rules are configured incorrectly and is far from easy to exploit ... but it is nonetheless nasty.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|