Monday, March 8, 2010

Serious Apache Flaw Reported

Numerous outlets are reporting a rather serious vulnerability in Apache web server versions prior to 2.2.15. Anyone running version 2.2.14 or earlier needs to upgrade to 2.2.15.

The vulnerability is in Apache's core "mod_isapi" module. Successful exploitation could allow an attacker to gain system-level privileges. At present, the flaw appears to affect Apache web server on Windows platforms only.

Proof-of-concept code has been written by Sense of Security. Although the exploit is complex in its design, it will certainly be ported to various attack frameworks, which will lower the technical skill needed to run it.

Since it's not trivial to determine if the Apache web server has been compromised, and given that data loss is a very real possibility, updating to 2.2.15 appears to be the only solution at this point. As with all things Internet-facing, make sure you do adequate regression testing in a dev environment before pulling the trigger in production.
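
An added triage example, not from the original post or from the Apache project: it reads the output of `httpd -v` and the text of `httpd.conf` and reports whether a host matches the conditions described above (Windows build, version before 2.2.15, mod_isapi loaded). The sample banner and configuration are constructed, and the function names are hypothetical.

```python
import re

FIXED = (2, 2, 15)  # first fixed release named in the post

# Constructed sample inputs (not taken from a real host).
SAMPLE_BANNER = "Server version: Apache/2.2.14 (Win32)"
SAMPLE_CONF = """\
# modules
LoadModule dir_module modules/mod_dir.so
LoadModule isapi_module modules/mod_isapi.so
"""

def parse_banner(text):
    """Return ((major, minor, patch), platform) from `httpd -v` output."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)(?:\s+\(([^)]+)\))?", text)
    if not m:
        raise ValueError("no Apache version string found")
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4) or ""

def isapi_loaded(conf_text):
    """True if an uncommented LoadModule directive loads mod_isapi."""
    for raw in conf_text.splitlines():
        parts = raw.strip().split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        # Directive names are case-insensitive in httpd.conf.
        if parts[0].lower() == "loadmodule" and (
            parts[1].lower() == "isapi_module" or "mod_isapi" in parts[2].lower()
        ):
            return True
    return False

def assess(banner, conf_text):
    """Classify a host as 'exposed', 'upgrade' or 'ok' per the post's criteria."""
    version, platform = parse_banner(banner)
    old = version < FIXED
    windows = platform.lower().startswith("win")
    loaded = isapi_loaded(conf_text)
    if old and windows and loaded:
        verdict = "exposed"   # every condition in the post is met
    elif old:
        verdict = "upgrade"   # the post advises upgrading anything before 2.2.15
    else:
        verdict = "ok"
    return {"version": version, "windows": windows,
            "isapi_loaded": loaded, "verdict": verdict}

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONF))
```

The check does not follow `Include` directives, so run it over each included configuration file as well.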
