[Dshield] APACHE

Johannes Ullrich jullrich at sans.org
Thu Jun 20 00:54:43 GMT 2002


  One of the first widely used web servers, developed by the
NCSA. It quickly became famous for all the patches that had
to be applied to get it to work. To make it easier for sysadmins,
a group came up with 'apache' ('all patches'), essentially the
NCSA web server with all patches applied.

  Now it is time to patch again. While Apache has a pretty
good security record, the vulnerability published this week is
critical and has to be patched. Version 1.3.26, which was 
released yesterday, has all the necessary fixes incorporated.

  Please do not delay this upgrade. Do not get distracted by
the 'disclosure' debate around this issue. For you as a sysadmin,
the critical action item should be to patch all apache servers
no later than Friday.

  Take the time to review your security settings:
- is apache running as 'nobody'?
- what modules do you have installed? Do you need them?
- who is able to write to any directory accessed by apache?
- what other services are running on this machine?
- backups? tripwire?

  Please don't delay this and urge others to patch as well!

-- 
---------------------------------------------------------------
jullrich at sans.org             Collaborative Intrusion Detection
                                    join http://www.dshield.org
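
The review questions in the message above, turned into a script. This is an added example, not part of the original post and not DShield or Apache code. The function names are hypothetical, and it assumes an Apache 1.3-style httpd.conf (User and LoadModule directives) plus a version string supplied by the caller.

```sh
#!/bin/sh
# Added example: check an Apache 1.3-style httpd.conf and document root.

# Account named by the last active "User" directive (empty if none is set).
conf_user() { awk 'tolower($1) == "user" { u = $2 } END { if (u != "") print u }' "$1"; }

# Module names from active (uncommented) LoadModule lines, one per line.
conf_modules() { awk 'tolower($1) == "loadmodule" { print $2 }' "$1"; }

# Files and directories under a tree that group or other can write to.
loose_paths() { find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print; }

# True when a 1.3.x version is at least 1.3.26, the fixed release named above.
# Returns 2 for anything that is not a plain 1.3.N string (out of scope here).
patched_13() {
    case "$1" in
        1.3.*) [ "${1#1.3.}" -ge 26 ] 2>/dev/null ;;
        *) return 2 ;;
    esac
}

# audit <httpd.conf> <docroot> <version>: print findings, return 1 if any fail.
audit() {
    rc=0
    user=$(conf_user "$1")
    case "$user" in
        ""|root) echo "FAIL user: '${user:-no User directive}'"; rc=1 ;;
        *)       echo "ok   user: $user" ;;
    esac
    echo "review modules: $(conf_modules "$1" | tr '\n' ' ')"
    loose=$(loose_paths "$2")
    if [ -n "$loose" ]; then echo "FAIL writable: $loose"; rc=1; fi
    if patched_13 "$3"; then echo "ok   version: $3"
    else echo "FAIL version: $3 (need 1.3.26)"; rc=1; fi
    return $rc
}

# Constructed sample (not from the post): a config and docroot in a temp dir.
demo() {
    d=$(mktemp -d) && mkdir -p "$d/htdocs/upload" && chmod 777 "$d/htdocs/upload"
    printf '%s\n' '#User root' 'User nobody' \
        'LoadModule status_module libexec/mod_status.so' > "$d/httpd.conf"
    audit "$d/httpd.conf" "$d/htdocs" 1.3.24; r=$?
    rm -rf "$d"; return $r
}
if [ "$#" -eq 3 ]; then audit "$@"; else demo || true; fi
```

Run with no arguments it audits the constructed sample; with three arguments (config file, document root, version) it audits a real installation. Other running services and backups still need a manual look.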