Slashdot Mirror

← Back to Stories (view on slashdot.org)

Serious Apache Exploit Discovered

Posted by Soulskill on from the time-to-update dept.

bennyboy64 writes "An IT security company has discovered a serious exploit in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database. ZDNet reports the vulnerability exists in Apache's core mod_isapi module. By exploiting the module, an attacker could remotely gain system privileges that would compromise data security. Users of Apache 2.2.14 and earlier are advised to upgrade to Apache 2.2.15, which fixes the exploit." Note: according to the advisory, this exploit is exclusive to Windows.

9 of 160 comments (clear)

  1. Windows only by Albanach · · Score: 5, Informative

    This would have been useful in the summary. From the linked page:

    Platform. Microsoft Windows

    Details.
    The Apache HTTP Server, commonly referred to as Apache, is a
    popular open source web server software. mod_isapi is a core
    module of the Apache package that implements the Internet Server
    extension API. The extension allows Apache to serve Internet
    Server extensions (ISAPI .dll modules) for Microsoft Windows
    based hosts.

    While I'm sure it will impact many people, I'd still imagine the majority of Apache users are running it on a platform other than Windows

  2. It's unanimous! by ipquickly · · Score: 5, Funny

    7 out of the first 8 posts agree that this is Windows only.

    1. Re:It's unanimous! by rvw · · Score: 4, Funny

      7 out of the first 8 posts agree that this is Windows only.

      You must be using Windows Calculator!

  3. Re:Note: Apache ON WINDOWS by TheRaven64 · · Score: 4, Informative

    MS bashing isn't really appropriate here. The module only runs on Windows (although there were some efforts to make it call out into WINE so you could run ISAPI modules on *NIX), but the vulnerability is entirely Apache's fault. It isn't doing any privilege separation or exploit mitigation, and it's running code at the highest possible privilege level, which makes this bug into a serious exploit. The same bug in a module that ran on Linux would result in a remote root exploit.

    --
    I am TheRaven on Soylent News
  4. Re:Note: Apache ON WINDOWS by jedidiah · · Score: 5, Insightful

    > The same bug in a module that ran on Linux would result in a remote root exploit.

    Really?

          ps -aef | grep apach

          root 3029 1 0 08:10 ? 00:00:00 /usr/sbin/apache2 -k start
          www-data 3072 3029 0 08:10 ? 00:00:00 /usr/sbin/apache2 -k start
          www-data 3073 3029 0 08:10 ? 00:00:00 /usr/sbin/apache2 -k start

    --
    A Pirate and a Puritan look the same on a balance sheet.
  5. Re:Not Apache's problem by WPIDalamar · · Score: 4, Informative

    The extension module DLL's are third party.

    The core isapi apache module is all apache, and that's where the bug is.

  6. You bastards gave me a heart attack! by SlappyBastard · · Score: 4, Funny

    I had to read the article to see it was Windows only . . . whew.

    --
    I scream. You scream. I assume that means we're both acquainted with the problem. We proceed.
  7. Gain Complete Control by ArundelCastle · · Score: 5, Funny

    I would really like to make a shirt that says: "This T-shirt has a serious exploit that allows a remote attacker to gain complete control."
    It should be printed around the bottom hem for maximum effect.
    Could also work on tighty whiteys.

    I said I'd like to make it, not wear it. :-)

  8. Re:Note: Apache ON WINDOWS by jedidiah · · Score: 4, Insightful

    It doesn't matter if "its just as bad". It isn't a "root exploit". It's highly inaccurate to call it one.

    Muddling terms is how you end up with nonsense like not being able to tell programs from data.

    Distinctions are important for just this reason.

    Yes it still sucks.

    --
    A Pirate and a Puritan look the same on a balance sheet.