Apache Confirms Web Server DoS Vulnerability, Promises Quick Patch

August 2011
Channel Insider;8/26/2011, p1
The article reports that Apache Corp. has confirmed the vulnerability of its Web Server disk operating system (DoS) and promised to address the problem within 96 hours. It states that a denial-of-service tool called Apache Killer appeared on August 19, 2011 in the Full Disclosure security mailing lists and the Apache Software Foundation acknowledged its existence on August 24, 2011. It says that the tool send malicious HTTP Range Request headers for large data when executed.


Related Articles

  • Defending HTTP Web Servers against DDoS Attacks through Busy Period-based Attack Flow Detection. Seung Yeob Nam; Sirojiddin Djuraev // KSII Transactions on Internet & Information Systems;Jul2014, Vol. 8 Issue 7, p2512 

    We propose a new Distributed Denial of Service (DDoS) defense mechanism that protects http web servers from application-level DDoS attacks based on the two methodologies: whitelist-based admission control and busy period-based attack flow detection. The attack flow detection mechanism detects...

  • Apache.  // Computer Bulletin;Nov2000, Vol. 42 Issue 6, p32 

    The article discusses the Apache Web server software. The development of Apache began in 1995, when a small group of Webmasters produced their own bug fixes and software patches for a server software that stalled during development. The group collaborated via e-mail for the common distribution...

  • HULK DoS Tool More Hype Than Threat.  // Software World;Jul2012, Vol. 43 Issue 4, p23 

    The article informs that threat advisory on the Hypertext Transfer Protocol (HTTP) Unbearable Load King (HULK) denial of service (DoS) script has been released by Prolexic Technologies Inc.

  • Lightweight C&C based botnet detection using Aho-Corasick NFA. Udhayan, J.; Anitha, R.; Hamsapriya, T. // International Journal of Network Security & Its Applications;Oct2010, Vol. 2 Issue 4, p164 

    Botnet distinguishes itself from the previous malware by having the characteristics of a C&C channel, using which a Botmaster can control the constituents of the botnet. Even though protocols like IRC, HTTP and DNS are exploited to incorporate C&C channels, previous analysis have shown that the...

  • Apache does Windows. Moeller, Michael // PC Week;05/04/98, Vol. 15 Issue 18, p32 

    States that Apache 1.3, the Apache Group's Web server software, will be available for Windows 95 and Windows NT 4.0. Unix platform upgrades in Apache 1.3; Why Apache is so popular as a Web server; Unix advancements in Apache 1.3; Why the performance of Apache 1.3 under Windows NT will be...

  • Using XGBoost to Discover Infected Hosts Based on HTTP Traffic. Niu, Weina; Li, Ting; Zhang, Xiaosong; Hu, Teng; Jiang, Tianyu; Wu, Heng // Security & Communication Networks;11/6/2019, p1 

    In recent years, the number of malware and infected hosts has increased exponentially, which causes great losses to governments, enterprises, and individuals. However, traditional technologies are difficult to timely detect malware that has been deformed, confused, or modified since they usually...

  • A PCA BASED FRAMEWORK FOR DETECTION OF APPLICATION LAYER DDoS ATTACKS. Bharathi, R.; Sukanesh, R. // WSEAS Transactions on Information Science & Applications;Dec2012, Vol. 9 Issue 12, p387 

    Hackers uses Distributed Denial of Service (DDoS) and leaves hundreds and thousands of bots to overwhelm the victim in terms of bandwidth and reduce the services that are rendering to the users. To initiate an attack against victim, hackers use the internet as their venue. To address this threat...

  • Integrated Hidden Markov Model and Bayes Packet Classifier for effective Mitigation of Application DDoS attacks. Prabha, S.; Anitha, R. // International Journal of Computer Science Issues (IJCSI);Jul2011, Vol. 8 Issue 4, p587 

    Resisting distributed denial of service (DDoS) attacks become more challenging with the availability of resources and techniques to attackers. The application-layer-based DDoS attacks utilize legitimate HTTP requests to overwhelm victim resources are more undetectable and are protocol compliant...

  • ANOMALY DETECTION ON USER BROWSING BEHAVIORS FOR PREVENTION APP_DDOS. Jadhav, Vidya; Devale, Prakash // International Journal of Advances in Engineering & Technology;Nov2011, Vol. 1 Issue 5, p492 

    Some of the hardest to mitigate distributed denial of service attacks (DDoS) are ones targeting the application layer. Over the time, researchers proposed many solutions to prevent denial of service attacks (DDoS) from IP and TCP layers instead of the application layer. New application Layer...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics