> what would be the likely hood a cracker could turn this into a > internet worm, and what would the possible destruction be? I'm aware > still over 50% of the webservers are running apache, but the diffrent > distros might cause somewhat of a problem. would it not? ~ack -- From what I've read about the vulnerability, the worst that could happen on a 32-bit *nix platform is a DoS attack. I don't have any statistics to back it up, but I would bet that most Apache installations are on 32-bit *nix. When you consider the primary platform for OSes like FreeBSD, OpenBSD, and Linux are 32-bit Intel, I think it's a pretty safe bet. So, a worm similar to Nimda that takes advantage of this vulnerability probably won't have anywhere near the impact on Apache since most vulnerable Apache installations won't be susceptible to remote code execution. Those running Apache on Windows and 64-bit *nix should be very careful however. Everyone, regardless of their platform, should upgrade to a fix version or patch their existing version. Steve Bremer
This archive was generated by hypermail 2b30 : Wed Jun 19 2002 - 10:32:37 PDT