Home > Features > Apache Exploit Revealed • Bookmark   • Newsletters   • Register Search Options


Apache Exploit Revealed

Apache Exploit Revealed

May 13, 2010
Text size: 
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
Yes, but in a few years
Out of 150 votes. Results based on votes submitted by members of XBIZ.net social network.

" This critical piece of software underpins countless adult websites "

A major benefit of using Open Source software is that extensive and vocal user communities and analytics groups tend to form around the most popular applications — including around the sweetheart of adult (and mainstream) webhosting, the Apache HTTP Server.

This critical piece of software underpins countless adult websites and thus supports the daily availability of the adult Internet in no small way — so a swift response must meet any threat to it.

Sense of Security recently revealed one such threat, when it demonstrated a dangling pointer vulnerability within some Apache installation's mod_isapi module.

"mod_isapi is a core module of the Apache package that implements the Internet Server extension API," the SOS warning states. "The extension allows Apache to serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts."

"By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory," the report elaborated. "However function pointers still remain in memory and are called when published ISAPI functions are referenced."

The resulting dangling pointer exploit allows the execution of arbitrary code.

"The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows," Jason Edelstein, a Sense of Security spokesperson, stated. "An attacker could gain access to, modify and take away data."

The recommended solution is for affected Apache users to upgrade to the software's latest version.


Creating a Top-Notch, Lucrative Adult Website

If there’s one thing I’ve seen consistently over the 10 years I’ve been running Elevated X and working exclusively with paysite owners it’s that no matter how competitive the paysite... More »

Artificial Intelligence Treats Risk Like Cancer

An embarrassing thing happened to me in Amsterdam. I’d just finished dinner with a new partner at a nice restaurant. OK … more expensive than nice, but you know what I mean. I grade food in... More »

8 Tips for Scaling Up Your Ad Campaign

As an advertiser it can take some time for you to get a successful campaign going because many ideas don't always work out. Once you have a great converting campaign it can also quickly die out, so that's... More »
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.

Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Subscribe to XBIZ Premiere magazine, the industry's leading adult retail trade publications, delivering the most timely and comprehensive business news and information to producers and retailers of adult products.



Nov 04 - Nov 06
Edison, New Jersey

2016 Inked Awards

Nov 05 - Nov 05
Edison, New Jersey

XBIZ 2017

Jan 09 - Jan 13
Hollywood, CA

XBIZ Awards 2017

Jan 12 - Jan 12
Los Angeles, CA
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!