Hi folks, the final draft for the latest Apache httpd CVE is out:
http://marc.info/?l=apache-httpd-dev&m=131420013520206&w=2 I was wondering how this would affect an Apache httpd sitting behind ATS so for the sake of science I attacked one of my (test) systems. The result is: The system is bored and unimpressed. (I also an tested Apache httpd proxy where I implemented the #1 Mitigation: Both, backends and frontend are underwhelmed.) Please be sure to secure your systems. Either as suggested. Or by running ATS ;) i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: [email protected] URL: http://brainsware.org/ GPG: 571B 8B8A FC97 266D BDA3 EF6F 43AD 80A4 5779 3257
