[wp-hackers] Apache2 Security Update
Dougal Campbell
dougal at gunters.org
Fri Jul 8 14:13:06 GMT 2005
Scott Merrill wrote:
> Dougal Campbell wrote:
>
>>Those of you running Apache2 should update to version 2.1.6:
>
>
> 2.1.6 is the unstable branch. Don't upgrade to the unstable branch
> unless you know what you're doing.
>
>
>>http://www.whitedust.net/speaks/825/Apache%20Request%20Smuggling%20Vulnerability/
>
>
> The actual vulnerability seems only to apply to systems running
> mod_proxy, or behind proxies of some other sort. The exploit involves
> multiple systems speaking to one another, each handling Content-Length
> differently.
>
> If you're not behind a proxy, you're not vulnerable to this exploit,
> from what I understand.
Ah, sorry for jumping the gun. I should have read more in-depth. I just
wanted to make sure that anyone affected go the information as quickly
as possible.
--
Dougal Campbell <dougal at gunters.org>
http://dougal.gunters.org/
More information about the wp-hackers
mailing list