Slashdot Mirror


Apache Worm in the Wild

codewolf writes "It has been reported to bugtraq by Domas Mituzas that a worm that exploits the Apache chunk bug has been found in the wild. Information on the worm can be found here. More information on the Apache bug can be found here, and patches can either be made by modifying your config file or upgrading your Apache version."

5 of 85 comments

  1. Based off of Gobbles proof of concept? by stromthurman · Score: 2, Insightful

    GOBBLES submitted a proof of concept apache exploit for BSD variants on the BugTraq mailing list. Based on this string found in the chunk overflow request: BLE*h*GOB, I would argue that this code was very sloppy indeed. Probably stolen mostly from Gobbles with a worm wrapper thrown around it.

    --
    I have discovered a truly remarkable sig which this margin is too small to contain.
  2. Re:isn't this big news? by edhall · Score: 3, Insightful

    (Time to blow some karma.)

    Because it isn't IIS.

    I don't use Microsoft products. I use Apache, at work and at home, on Linux and FreeBSD. But I also recognize hypocrisy when I see it. This is the Code Red of the Apache world. So far as "News for Nerds. Stuff that matters" it's more significant than 95% of what appears on the front page.

    CT and the Slashdot crew should hang their heads in shame.

    -Ed
  3. Re:isn't this big news? by |DaBuzz| · Score: 3, Insightful

    If you notice, you'll see that they posted the "Gamespy Installer Spreads Nimda" story on the front page, yet not this.

    Yeah, and it appears that a Windows Media EULA "revelation" regarding a change (that has been in effect for a while from what I understand) is also front page news.

    So in slashdot's opinion, more "Nerds" are interested in the EULA of an app they probably don't even use than a major security issue with the web server the vast majority of them do use.

    The thing is, anti-MS posts generate more comments, i.e. ad views which equals $$$, while the truth about rampant open source vulnerabilities (in all OS's and major services) only hurts this site overall since when it's proven that open source is just as bad as proprietary software in this regard, all the slashdot rank and file will stop drinking the Kool-Aid.

  4. Quit bitching by Reality+Master+201 · Score: 2, Insightful

    If you can't take the anti-M$ slant, stay out of the Slashdot. It has long ago ceased to be either interesting or insightful to remark that the posters and editors of Slashdot apply a double standard when publicising security flaws, etc. Everyone knows this.
    As a note to moderators: this is not insightful. The first time someone has an idea, that is insightful. The millionth time is redundant.

  5. Re:I love Apache by Anonymous Coward · Score: 1, Insightful

    This looked like a flame on another site, until I read the "keep it under your hat" post here at /.!

    http://www.worldtechtribune.com/worldtechtribune/asparticles/buzz/bz07022002.asp

    "Finley Peter Dunne, a Chicago journalist in the early 20th Century, noted that a journalist was to comfort the afflicted and afflict the comfortable. To most journalists, Microsoft, with billions of dollars in the bank and millions of customers, is viewed as comfortable. Open source software, a development dogma steeped in European socialism with few success stories to its credit, is viewed as afflicted. This kind of pragmatism is nothing new to journalists: In the eyes of most elite tech media journalists, it's more 'fair' to afflict the comfortable Microsoft than it is to beat up on the poor, afflicted Apache developers."

    I hate the lack of freedom imposed on the world by Mico$loth, but the worst thing would be if Apache turned into some kind of lying, closed, corporate slug! How can we in the Open Source community say we love free speech if we are going to hide or cover up issues? We must remain open at all costs to show the closed sourcers we won't stoop to their level.