Two Denial of Service conditions found in the Apache2 web-servers mod_ssl module

Posted by xiando on Sep 7, 2004 4:50 AM EDT
LinuxReviews.org; By xiando
Mail this story
Print this story

This means any evil black-hat can close down a vulnerable apache2 web-server and make all websites hosted on it temporarily unavailable.

Version 2.0.50 of the Apache2 web server, released 1st July, fixed a Memory allocation denial of service (DoS) vulnerability (CAN-2004-0493) affecting all previous versions of apache2.

Now two new Denial of Service conditions are found in the mod_ssl module module included in apache2. Detailed information is classified as RESERVED (for white-hats only) and described in CAN-2004-0748 and CAN-2004-0751.

Denial of service (DoS) means intentionally doing something you know will cause the service you are attacking to become unavailable. This can be done by overloading the service or somehow by luring it into running code that will crash the program process running the service.

Read more

  Nav
» Read more about: Story Type: News Story

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.