Home > Features > Apache Exploit Revealed • Bookmark   • Newsletters   • Register Search Options

FEATURE

Apache Exploit Revealed

Apache Exploit Revealed

May 13, 2010
Text size: 
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
  39.66%
Yes, but in a few years
  36.87%
No
  23.46%
Out of 179 votes. Results based on votes submitted by members of XBIZ.net social network.

" This critical piece of software underpins countless adult websites "

A major benefit of using Open Source software is that extensive and vocal user communities and analytics groups tend to form around the most popular applications — including around the sweetheart of adult (and mainstream) webhosting, the Apache HTTP Server.

This critical piece of software underpins countless adult websites and thus supports the daily availability of the adult Internet in no small way — so a swift response must meet any threat to it.

Sense of Security recently revealed one such threat, when it demonstrated a dangling pointer vulnerability within some Apache installation's mod_isapi module.

"mod_isapi is a core module of the Apache package that implements the Internet Server extension API," the SOS warning states. "The extension allows Apache to serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts."

"By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory," the report elaborated. "However function pointers still remain in memory and are called when published ISAPI functions are referenced."

The resulting dangling pointer exploit allows the execution of arbitrary code.

"The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows," Jason Edelstein, a Sense of Security spokesperson, stated. "An attacker could gain access to, modify and take away data."

The recommended solution is for affected Apache users to upgrade to the software's latest version.


LEGAL PERSPECTIVES

The Skinny on the New DMCA Requirement

The requirements under the Digital Millennium Copyright Act (DMCA) have changed, but the sky is not falling. We have, even as a law firm, been hit with an unbelievable amount of spam sent out by law firms... More »

2017 Outlook: Legal Matters Around the Corner

The adult entertainment business’ legal community recently weighed in the top issues that companies and the industry, as a whole, should be concerned about. XBIZ asked industry attorneys to discuss... More »

Fraudulent Brazilian Trademark Registrations Running Rampant

Although you might not think often about protecting your trademark rights in Brazil, you need to — even if you don’t yet have a single Brazilian customer. Scammers are constantly looking for... More »
XBIZ NEWSLETTERS
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.






POPULAR PRODUCTS & SERVICES
Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Access the latest issues of the industry's leading trade publications in digital form. View online or download for offline viewing.

UPCOMING EVENTS

The European Summit

Mar 04 - Mar 07
Barcelona-Sitges, Spain

The TEA Show

Mar 05 - Mar 06
Hollywood, CA

Phoenix Forum 2017

Mar 23 - Mar 26
Tempe, Arizona

EXXXOTICA Denver

Mar 31 - Apr 02
Denver, CO.
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!