It has recently come to the attention of SpeedySparrow that a new exploit code dubbed “Apache Killer” has arrived, discovered and diagnosed more than 54 months ago it seems that the new attack against the Apache Web-Server has finally arrived.
The new exploit has the capability of bringing down an entire Apache system with the use of a single PC. The dubbed exploit “Apache Killer” vulnerability acts in a way to which sends multiple GET requests to the system containing overlapping byte ranges, the current exploit is known to affect systems running versions of Apache from v1.3 to the latest release (current fixes are in place) but a definite fix from Apache is being heavily awaited.
Apache has noted that a release should hopefully be released within the next 96 hours, even though this is a time-frame away SpeedySparrow will be taking the necessary actions to ensure systems that we are hosting are protected from this rather new and known exploit and all necessary protection methods will be enforced immediately on all active servers.
All current and active VPS customers that are running Apache on their systems should be warned to take appropriate action.
Please refer to the Suggested Fixes that have been released, these can be used in time till a new fix is released by Apache.
Leave a Reply