madison
Home / News & Blogs

Apache bug prompts update advice

Colin Ho,ZDNet.com.au | March 8, 2010 12:02 PM PST

Summary

IT security company Sense of Security has discovered a serious bug in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database.

Topics

Apache Software Foundation, Web Servers, Open Source, Internet, apache, bug, exploit, root kit, sense, security, vulnerable, attack, Colin Ho, ZDNet.com.au, Colin Ho, ZDNet.com.au

Discovered by the company's security consultant Brett Gervasoni, the vulnerability exists in Apache's core "mod_isapi" module. By exploiting the module, an attacker could remotely gain system privileges that would compromise data security.

Users of Apache 2.2.14 and earlier are advised to upgrade to Apache 2.2.15, which fixes the exploit.

According to Sense of Security spokesperson Jason Edelstein, Apache is one of the most popular pieces of web server software used today and the vulnerability was one of the most significant bugs in Apache for years.

For more on this story, read Apache bug prompts update advice on ZDNet Australia.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity