-
June 18th, 2002, 10:16 PM
#11
Well, according to the advisory on http://www.cert.org/advisories/CA-2002-17.html, it can lead to a compromise of content as well as to a denial of service condition. It also specifically mentions that UNIX versions of apache are vulnerable as well.
Furthermore, it also mentions that the patch supplied by ISS is geared towards WIN32 Apache and will not fix the UNIX versions and that is generally a bad idea to apply the patch.
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
June 18th, 2002, 10:31 PM
#12
Post of the all the politics behind this are posted in this thread.
Gotta love ISS in their quest to sell product... expecting to see an announcement at any moment, "ISS Successfully detects attempts to exploit this vulnerability and immediately shuts down the connection." (of course, they never tell you that people can use that feature in their code to successfully DoS a company stupid enough to use that "automatic feature")
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
June 18th, 2002, 10:44 PM
#13
Oh the ironi: AO runs both Apache and ISS's RealSecure
Ammo
Credit travels up, blame travels down -- The Boss
-
June 18th, 2002, 10:46 PM
#14
Junior Member
apache for windows? wow... god that must suck
illv//
illv // seen the digital world from monochrome dial up to what it is today.
-
June 19th, 2002, 01:42 AM
#15
Originally posted here by illv
apache for windows? wow... god that must suck
illv//
In much the same way that anything for Winblowz sucks, except for maybe things like UT and similiar. But, Apache on Winblowz sucks less than IIS on anything.
\"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"
-
June 19th, 2002, 04:59 AM
#16
The site www.antionline.com is running Apache/1.3.22 on Windows 2000
According to Netcraft....
Well don't feel to bad JP, I use W2K, W-XP Pro, and Linux version of Apache
on a bunch of different boxes... No I do not use IIS, I may use MS OS for some
of my servers, BUT I AM NOT NUTS!!! (I hope!)
Now if the patch is released soon... I'll be a HAPPY Camper!!!
NOW If they can patch the spammers, so they go away!!!
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
-
June 19th, 2002, 05:04 AM
#17
Hum, AO runs on Sun I believe...
Ammo
Credit travels up, blame travels down -- The Boss
-
June 19th, 2002, 05:59 AM
#18
Posted on Apache.Org:
The Apache Software Foundation has released versions 1.3.26 and 2.0.39 to address and fix this issue. These version are available for download; see below.
Crisis solved. How long did it take M$ to fix IIS?
/* You are not expected to understand this. */
-
June 19th, 2002, 09:06 AM
#19
LOL.. anyone wanna compromise AntiOnline?
-
June 19th, 2002, 09:26 AM
#20
Senior Member
Originally posted here by s0nIc
LOL.. anyone wanna compromise AntiOnline?
you lead the way, s0nIc, and i definitely won't follow!
perhaps some L337 h4x0r-wannabes will try. will the intrusion attempts link show them?
regards,
mark.
\'hi, welcome to *****. if you would like to speak to an operator, please hang up now.\'
* click *
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|