Language Selection

English French German Italian Portuguese Spanish

Apache bug prompts update advice

Filed under
Software
Security
Web

IT security company Sense of Security has discovered a serious bug in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database.

Discovered by the company's security consultant Brett Gervasoni, the vulnerability exists in Apache's core "mod_isapi" module. By exploiting the module, an attacker could remotely gain system privileges that would compromise data security.

Users of Apache 2.2.14 and earlier are advised to upgrade to Apache 2.2.15, which fixes the exploit.

According to Sense of Security spokesperson Jason Edelstein, Apache is one of the most popular pieces of web server software used today and the vulnerability was one of the most significant bugs in Apache for years.

rest here




More in Tux Machines

Android Leftovers

Ryzen 3 Linux Gaming Benchmarks: NVIDIA vs. AMD Radeon

This week I posted some fresh OpenGL vs. Vulkan benchmarks on the AMD Ryzen 3 while for this weekend article are some more Linux gaming benchmarks from the budget-friendly Ryzen 3 1200 and Ryzen 3 1300X processors. On the Ryzen 3 1200 and Ryzen 3 1300X, NVIDIA's GeForce GTX 1050 and GTX 1060 graphics cards were tested while on the Radeon side was the RX 560 and RX 480 graphics cards. The NVIDIA driver release used was the 384.59 driver while on the Radeon side was Linux 4.13 AMDGPU DRM plus Mesa 17.3-dev Git built against LLVM 6.0 SVN using the Padoka PPA. Read more

Some Fresh I/O Scheduler Benchmarks: Linux 4.13 With BFQ, CFQ, Kyber, Deadline

For those curious about the state of I/O schedulers with the in-development Linux 4.13 kernel, here are some fresh disk benchmarks using the 4.13 Git kernel on an Intel laptop/ultrabook and testing the various in-kernel options. Tests were done from a Broadwell era Lenovo ThinkPad X1 Carbon with SSD. In the days ahead I'll have some tests as well from a slower, rotational media system. Read more

Wine 2.15