Date: Sun, 27 Jul 2003 14:07:33 -0300 From: "Mark Dodel" Subject: [VOICENWS] SW: Apache for OS/2 Update - Denial of Service Vulnerabilty Forwarded message from UseNet-2003DESPAM at The-Net-4U.com on Thu, 24 Jul 2003 19:28:10 UTC Posted on comp.os.os2.networking.tcp-ip from the Oxygen newsletter of Panda Antivirus Software: - New version 1.3.28 of the Apache HTTP server - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, July 23 2003 - The Apache Software Foundation has released(*) the new version 1.3.28 of its HTTP server which, among other improvements, fixes three new vulnerabilities detected in previous versions. These security problems are: - A possible denial of service (DoS) affecting Apache logs when receiving the characters "0x1A", when using the "rotatelogs" option. This problem has only been reproduced in Apache version 1.3.27 on Microsoft Windows and IBM OS/2 platforms. ---------- rest of the text available at www.PandaSoftware.com -- regards from Leeuwarden Peter van Dobben de Bruijn ---- use-the-net .at. The-Net-4U.com (.at. becomes at ) ---- ---END FORWARDED MESSAGE--- -- From the eComStation of Mark Dodel http://www.os2voice.org Warpstock 2003, San Francisco, October 18-19th - http://www.warpstock.org -- Warpstock 2003 - San Francisco, California, October 18-19 http://www.warpstock.org [Moderator's note: Because of the incredible increase in SPAM lately I will now endeavor to add DESPAM to email addresses in all posts to the News list. Yes I know that the ReplyTo and From addresses are not modified. This action is to protect email addresses that will appear in HTML pages. If you wish to send a response to someone listed in the post be sure to remove the "DESPAM" from any email address in the body of the post.] -- To unsubscribe yourself from this list, send the following message to majormajor at os2voice.org unsubscribe news end If you have an announcement you would like posted to the VOICE News list, please send it to submit at os2voice.org. Please include a valid reply address and a real contact name. If you wish to comment on this post, please reply to feedback at os2voice.org