List ecs-isp@2rosenthals.com Archived message #362

From: "Steven Levine" <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] Apache 2.4.49 zero day exploit...
Date: Tue, 05 Oct 2021 23:34:13 -0800
To: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>

In <list-2633065@2rosenthals.com>, on 10/05/21
   at 10:08 PM, "Roderick Klein" <ecs-isp@2rosenthals.com> said:

Hi,

>It seems this Apache version has a zero day exploit.
>https://therecord.media/apache-fixes-actively-exploited-web-server-zero-day/

This is yet another example of how important it is to understand how to
properly configure httpd or any other server, for that matter.  As the CVE
explains, it takes two errors for the exploit to be effective.  First is
the code defect.  Second is a misconfigured server setup.  There's no
reason to not use "require all denied" except for directories that are
supposed to be accessible and even then the access should be carefully
controlled.

Many years ago, when I first took over support of the SCOUG server, I
discovered that the previous webmaster managed to Options +ExecCGI every
directory on the system.  This made for interesting log entries along with
processes that seemed to run for no reason.  Fortunately, this was long
enough ago that there were far fewer script kiddies, so no one tried to
damage the system.

Steven

--
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net>  Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------
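
The default-deny layout the message above argues for, shown beside the kind of setup it warns about. This is an added example, not part of the original post or of any server mentioned in it; all paths and the address range are assumptions to be replaced with local values.

```apache
# --- Weak setup (kept commented out): the whole filesystem is readable
# --- and CGI execution is switched on everywhere.
# <Directory />
#     Options +ExecCGI
#     Require all granted
# </Directory>

# --- Corrected setup ---

# 1. Deny everything by default. Any path that resolves outside the
#    directories opened below is refused, even if a code defect lets
#    a request reach it.
<Directory />
    Options None
    AllowOverride None
    Require all denied
</Directory>

# 2. Open only the document root (path is an assumption).
#    No CGI execution and no directory listings here.
<Directory "/var/www/html">
    Options -ExecCGI -Indexes
    AllowOverride None
    Require all granted
</Directory>

# 3. CGI is allowed in exactly one directory (path is an assumption).
#    ScriptAlias marks its contents as CGI, so Options stays at None.
ScriptAlias "/cgi-bin/" "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
    Options None
    AllowOverride None
    Require all granted
</Directory>

# 4. A directory that must be reachable, but only from a known network
#    (192.0.2.0/24 is a documentation range used as a placeholder).
<Directory "/var/www/html/admin">
    Require ip 192.0.2.0/24
</Directory>
```

Running `apachectl configtest` after editing checks the syntax before the server is restarted.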

