Apache Vulnerabilities

Created 5/18/01

Impact

A remote attacker could crash the web server.

Background

Apache is a web server which runs on Unix, Linux, and Windows systems.

The Problems

A vulnerability in the Windows and OS/2 versions of Apache could allow a remote attacker to cause the web server to perform an illegal operation. This attack would cause the server to remain unresponsive until an administrator is able to clear the fault and restart the server.

The Windows and OS/2 versions of Apache 1.3.19 and earlier are affected by this vulnerability unless the patch has been applied.

Resolutions

Install Apache 1.3.20 or higher. If this version is not yet available, install Apache 1.3.19, and apply the fixfault_win32_os2 patch.

Where can I read more about this?

This vulnerability was posted to the Apache announcements list.