DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

There’s a Nasty Security Hole in the Apache Webserver

2 years ago thenewstack.io
There’s a Nasty Security Hole in the Apache Webserver

Summary: This is a summary of an article originally published by The New Stack. Read the full original article here →

Here a security hole, there a security hole, everywhere a security hole. This is a Denial of Service (DoS) attack in the https://httpd.apache.org/‘s https://httpd.apache.org/docs/2.4/mod/mod_sed.html.

In March 2022, https://nvd.nist.gov/vuln/detail/CVE-2022-23943, an Apache memory corruption vulnerability in mod_sed, was uncovered.

But, https://www.linkedin.com/in/brianmoussalli/?originalSubdomain=il, the https://jfrog.com/ Security Research team’s Security Research Tech Lead, worried that while the https://jfrog.com/blog/cve-2022-30522-denial-of-service-dos-vulnerability-in-apache-httpd-mod_sed-filter/, it created a new unwanted behavior.”

Essentially mod_sed enables you to use a steam editor, yes, the classic Unix https://www.gnu.org/software/sed/manual/sed.html, to manipulate input and output streams for server requests.

Read More
Oh Dear
Oh Dear
The all-in-one monitoring tool for your entire website
Fathom
Fathom
Fathom Analytics: A Better Google Analytics Alternative
Namecheap
Namecheap
DevOpsChat Logo Your DevOps Community
Product
Useful Links

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com