http://www.wired.com/news/technology/0,1282,53412,00.html

By Brian McWilliams
11:28 a.m. June 21, 2002 PDT

Potentially millions of websites -- including the new, reportedly invincible home page of Russian President Vladimir Putin -- may become easy prey for hackers if their administrators don't promptly upgrade their software.

The new Kremlin site, launched Thursday, underwent three months of testing to ensure it is "almost hacker-proof," according to a Reuters story published Friday. The report said almost 100 hackers attempted to break into Putin's site in its first 24 hours of operation.

But independent tests of the Russian president's website revealed Friday that it was running an outdated version of the popular Apache Web server that could be vulnerable to a recently discovered security bug.

Data provided by research firm Netcraft showed that Putin's site was using the Red Hat Linux operating system with Apache version 1.3.20. Netcraft's data was corroborated by a security scanner from eEye Digital Security, which examines a Web server's "banner" to determine if it is vulnerable to the Apache flaw, according to chief hacking officer Marc Maiffret.

On Monday, the U.S. government-funded Computer Emergency Response Team warned that a security flaw in Apache versions 1.2.2 through 1.3.24 could allow remote attackers to execute malicious programs on vulnerable servers. The Apache Software Foundation has advised administrators to upgrade immediately to the latest version of the Web server software, which is not prone to the "chunked-encoding" bug.

In use on more than 10 million active websites, Apache is the most popular Web server used on the Internet, with over 60 percent market share, according to Netcraft. The program runs on several Unix-based operating systems as well as on Microsoft's Windows.
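The banner check described above, as an added illustration (not code from the article, from Netcraft, or from eEye's scanner): a defender's inventory pass that classifies Server headers against the 1.2.2 through 1.3.24 range quoted from the CERT advisory. The banners are constructed samples, and a banner is only a hint, since administrators can hide or alter it.

```python
import re

# Affected range as stated in the CERT advisory quoted in the article.
VULN_LOW = (1, 2, 2)
VULN_HIGH = (1, 3, 24)

# Matches "Apache/1.3.20 (Unix) (Red-Hat/Linux)"; a bare "Apache" banner has no version.
BANNER_RE = re.compile(r"^Apache/(\d+)\.(\d+)\.(\d+)")


def parse_apache_version(server_header):
    """Return (major, minor, patch) from a Server header, or None when the
    banner is not Apache or carries no version number."""
    m = BANNER_RE.match(server_header.strip())
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def chunked_encoding_status(server_header):
    """Classify a banner as 'vulnerable' (inside the advisory range),
    'outside_range' (a version the quoted advisory does not cover), or
    'unknown' (non-Apache, or version hidden, so the host needs a closer look)."""
    ver = parse_apache_version(server_header)
    if ver is None:
        return "unknown"
    if VULN_LOW <= ver <= VULN_HIGH:
        return "vulnerable"
    return "outside_range"


# Constructed sample inventory (hostnames and banners are made up for this example).
SAMPLE_BANNERS = {
    "www-1.example": "Apache/1.3.20 (Unix) (Red-Hat/Linux)",  # same version the article reports
    "www-2.example": "Apache/1.3.26 (Unix)",                  # upgraded past the range
    "www-3.example": "Apache",                                # version suppressed in the banner
    "www-4.example": "Microsoft-IIS/5.0",                     # not Apache at all
}


def triage(banners):
    """Map each host to its status so the 'vulnerable' and 'unknown' hosts
    can be scheduled for upgrade or manual verification."""
    return {host: chunked_encoding_status(b) for host, b in banners.items()}


if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_BANNERS).items()):
        print(f"{host:16} {status}")
```

Hosts classed "unknown" still need verification by other means: a suppressed version string says nothing about whether the fix is installed.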
The security of some Apache sites was especially threatened Wednesday when a research group called Gobbles Security released a tool designed to allow attackers to take control of unpatched Apache installations running on the OpenBSD operating system.

A Gobbles representative told Wired News Friday that the group intends to publish a new version of the program that additionally exploits the Apache flaw on unpatched FreeBSD and NetBSD machines "with a 100 percent success rate." Gobbles said it also has developed, but not publicly released, exploits for the Sun Solaris and Linux operating systems.

Officials at Ayaxi, the Moscow firm that developed Putin's site, were not immediately available.

According to Netcraft, more than a dozen websites operated by the Russian Federation were also running unpatched versions of Apache. Representatives of the Russian Government Internet Network did not immediately respond to requests for information.

Following the release of Gobbles' "Apache-Scalp" program, SecurityFocus.com raised its "ThreatCon Rating" to Level 3, the first time the security information firm has issued such a warning since the Nimda worm hit the Internet last September.

-
ISN is currently hosted by Attrition.org
This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 05:27:42 PDT