Apache 1.3.x proxy hole
Joe Hamelin
nethead at gmail.com
Wed Jul 7 11:10:01 PDT 2004
Techworld is reporting that: "The bug affects Apache 1.3.x
installations configured to act as proxy servers, which relay requests
between a Web browser and the Internet. When a vulnerable server
connects to a malicious site, a specially-crafted packet can be used
to exploit the vulnerability, according to security researcher Georgi
Guninski, who has publicly released exploit code."
http://bsdnews.com/view_story.php3?story_id=4628
http://www.techworld.com/opsys/news/index.cfm?newsid=1814&page=1&pagepos=2
Does anyone know of a FreeBSD patch for this out yet?
--
Joe Hamelin
Edmonds, WA, US
More information about the freebsd-isp
mailing list