Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

Apache HTTP Server 2.0.47 Critical DoS Security Advisory

General Esm H446
The Apache Software Foundation on Monday released a new version of its open-source Web server project to plug four potentially serious security holes. The latest update to the Apache 2.0 HTTP Server (version 2.0.47) is described as a security and bug . . . The Apache Software Foundation on Monday released a new version of its open-source Web server project to plug four potentially serious security holes. The latest update to the Apache 2.0 HTTP Server (version 2.0.47) is described as a security and bug fix release to plug holes that could lead to denial-of-service attacks (define).

The Foundation warned that the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one. The previous Apache HTTP Server version also contains a bug in the prefork MPM where certain errors returned by accept() on rarely accessed ports could cause temporal DoS.

The link for this article located at AtNewYork is no longer available.