Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: InfoSec Handlers Diary Blog - Revival of an Unpatched Apache HTTPD DoS InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Revival of an Unpatched Apache HTTPD DoS

Published: 2011-08-25
Last Updated: 2011-08-25 03:17:50 UTC
by Kevin Shortt (Version: 1)
8 comment(s)

Readers have been writing in and I wanted to get this out to for info and comment.  I have not had a chance to test it out myself.  It first surfaced in 2007 by Michal Zalewski on bugtraq. [1]   It appears due to its lack of sophistication, that it did not get much attention by Apache developers and it has remained unpatched all of this time.

It formally resurfaced last Friday with a proof of concept.  A CVE is in draft and a patch is expected in a few days by the Apache team.  You can read a discussion about it on the Apache HTTPD dev mailing list. [2]   The link provides details on some mitigation measures to be taken.   When I get chance I will test and report back.  

In the mean time please share your experiences with your fellow readers with a comment.

 
[1] http://seclists.org/bugtraq/2007/Jan/83
[2] http://marc.info/?l=apache-httpd-dev&m=131418828705324&w=2

-Kevin
--
ISC Handler on Duty

Keywords: apache DoS kill tool
8 comment(s)
Diary Archives