Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Flaw Allows Internal Network Access

Posted by samzenpus on Sunday November 27, 2011 @10:04PM from the protect-ya-neck dept.

angry tapir writes "A yet-to-be-patched flaw discovered in the Apache HTTP server allows attackers to access protected resources on the internal network if some rewrite rules are not defined properly. The vulnerability affects Apache installations that operate in reverse proxy mode, a type of configuration used for load balancing, caching and other operations that involve the distribution of resources over multiple servers."

4 of 99 comments (clear)

Min score:

Reason:

Sort:

bug confirmed on slashdot.org server by Anonymous Coward · 2011-11-27 22:12 · Score: 5, Funny

it allowed me to get frist post
Re:Garbage in, by Anonymous Coward · 2011-11-27 22:26 · Score: 1, Funny

Apache is garbage! Upgrade to IIS!
Linux security flaw discovered by xyph0r · 2011-11-27 22:31 · Score: 4, Funny

If you set the root password to 'password' and allow root login via ssh, attackers could compromise your system.

--
SQL programmer goes to a bar. Walks up to two tables and says 'Excuse me, may I join you?'.
1. Re:Linux security flaw discovered by Anonymous Coward · 2011-11-27 22:36 · Score: 4, Funny
  
  If you set the root password to 'password' and allow root login via ssh, attackers could compromise your system.
  Wooot? Thank God I used 'root' as my root password then ;)