On Fri, 2003-10-10 at 18:18, Kevin Saenz wrote: > I have just received an email from PC Authority that contains the > top ten vulnerabilities within windows and *nix. > The list ranked IIS number one problem for security and for number 3 > Apache web server. Besides SSL issues what security issues came from > Apache? I don't think SSL should have marked Apache in such a way. > Here is the link if you are interested in reading it.
Apache *is* the web server of choice for the web. IBM, Sun, and others have used it extensively. Not surprisingly there are a few exploits, most old and forgotten however there are companies that do not upgrade their versions quickly. There was a worm if you had gcc installed more than 1 year ago. Due to the power of Apache there are several sites that have holes by the application and few make that distinction. I probably wouldn't as a "security expert" so that people focus on the web server first, applications and all. -- Thanks KenF OpenOffice.org developer -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
