dcsimg

Linux Advisories Issued for Apache, Tomcat

By ServerWatch Staff (Send Email)
Posted Oct 28, 2002


A Gentoo Linux security announcement issued earlier this month reveals a flaw in Gentoo Linux that exposes Apache 1.3.26-r4 users to a vulnerability in its shared memory scoreboard. Attackers who can execute commands under the Apache UID can send a (SIGUSR1) signal to any process as root, in most cases killing the process, or can launch a local denial of service attack. Gentoo Linux has issued an advisory that Apache HTTP Server contains a vulnerability in its shared memory scoreboard. Attackers who can execute commands under the Apache UID can either send a (SIGUSR1) signal to any process as root, which in most cases will kill the process, or launch a local denial of service attack.

Complete Story

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.