Vulnerability Development mailing list archives
Re: Apache Worm?
From: "Steve Bremer" <steveb () nebcoinc com>
Date: Wed, 19 Jun 2002 08:22:28 -0500
what would be the likely hood a cracker could turn this into a internet worm, and what would the possible destruction be? I'm
aware
still over 50% of the webservers are running apache, but the
diffrent
distros might cause somewhat of a problem. would it not? ~ack --
From what I've read about the vulnerability, the worst that could
happen on a 32-bit *nix platform is a DoS attack. I don't have any statistics to back it up, but I would bet that most Apache installations are on 32-bit *nix. When you consider the primary platform for OSes like FreeBSD, OpenBSD, and Linux are 32-bit Intel, I think it's a pretty safe bet. So, a worm similar to Nimda that takes advantage of this vulnerability probably won't have anywhere near the impact on Apache since most vulnerable Apache installations won't be susceptible to remote code execution. Those running Apache on Windows and 64-bit *nix should be very careful however. Everyone, regardless of their platform, should upgrade to a fix version or patch their existing version. Steve Bremer
Current thread:
- Apache Worm? Doesnt Matter (Jun 19)
- Re: Apache Worm? Replugge[ROD] (Jun 19)
- Re: Apache Worm? Steve Bremer (Jun 19)
- Re: Apache Worm? hellNbak (Jun 19)
- Re: Apache Worm? qobaiashi (Jun 19)
- <Possible follow-ups>
- RE: Apache Worm? Thor Larholm (Jun 19)
- RE: Apache Worm? Horner, Jonathan J. (JH8) (Jun 19)
- RE: Apache Worm? hellNbak (Jun 19)
- Re: Apache Worm? Raistlin (Jun 21)
- Re: Apache Worm? Blue Boar (Jun 21)
- Re: Apache Worm? Raistlin (Jun 21)