A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Waterfall_Cache has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 47

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 194

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Memcache_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 275

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Filesystem_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 440

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; APC_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 628

Covalent Releases Information on Apache 2.0 Vulnerability

Covalent Releases Information on Apache 2.0 Vulnerability

By ServerWatch Staff (Send Email)
Posted Aug 12, 2002


On August 9, 2002, the Apache Software Foundation issued a security advisory for non-Unix versions of Apache 2.0. Covalent announced that customers running any version of its following products are affected by this advisory.

Covalent Enterprise Ready Server 2.0-2.1.1 for Windows platforms (Windows 2000, Windows NT 4, Windows XP). On August 9, 2002, the Apache Software Foundation issued a security advisory for non-Unix versions of Apache 2.0. Covalent identified the versions of its products that are affected by this advisory.

Covalent Fast Start Server 3.0-3.1.1 for Windows platforms.

According to the company, the vulnerability does not affect any Fast Start versions previous to 3.x, and does not affect any UNIX/LINUX platforms.

Identifiers: CAN-2002-0661
Additional information: httpd.apache.org
Affects: All Released versions of 2.0 through 2.0.39
Fixed in: 2.0.40

The security vulnerability that was reported to and verified by the Apache Software Foundation allows an attacker to potentially inflict serious damage on a server, and reveal sensitive information. Covalent strongly recommends that all affected customers apply the solution to their Covalent Apache servers as soon as possible. A simple one-line addition to the Apache configuration file, httpsd.conf, closes the vulnerability.

Prior to the first 'Alias' or 'Redirect' directive, add the following directive to the global server configuration:

RedirectMatch 400 "\\\.\."

Fixes for this vulnerability are also included in Apache HTTP server version 2.0.40. The 2.0.40 release also contains fixes for two minor path-revealing exposures. This release of Apache is available at http://www.apache.org/dist/httpd/

More information will be made available by the Apache Software Foundation and Auriemma Luigi in the coming weeks.

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.


 

 


Thanks for your registration, follow us on our social networks to keep up-to-date