Jul 31

SEO-Related Apache Exploit

Posted by Jaimie Sirovich on Jul. 31st, 2006. 0 comments — voice your opinion.

BECOME AN EGGHEAD. SUBSCRIBE TO OUR RSS FEED OR FOLLOW US ON TWITTER!

Learn to be as nerdy as we are by never missing our latest blog entries. Receive great tips, tricks, and ideas on improving your web site every day! Subscribe via our RSS Feed, follow us, or use the chicklets in the sidebar for more options.
X

Most deployed versions of Apache are potentially exploitable, as mod_rewrite has been found to be vulnerable to a stack smashing attack.  It is somewhat muted by the fact that only certain rules cause the problem.  The vulnerability is caused by an off-by-one error — the most common programming error known to man.  Many SEOs use mod_rewrite, but not all will be affected; I checked my rules, and I am not exploitable (otherwise I wouldn't post this), but I'm upgrading anything I have anyway.  This affects all branches of Apache  — 1.3 to 2.2.  The original report from McAfee is here.

Tell an amigo:
  • Sphinn
  • Digg
  • Reddit
  • del.icio.us
  • StumbleUpon
  • Facebook



Related posts:
ROTD: Mod_rewrite Rule To Remove Trailing "index.php" This handy set of rules for mod_rewrite automatically redirects any...
Essential SEO-Related Plugins for WordPress Here are a list of my favorite WordPress plugins that are SEO-related. ...
Does Anyone Actually Use Status Code 410 (Gone)? I was reading through the documentation for mod_rewrite, and I...
URL Normalization; Slashing Duplicate Content To be honest, I'm not even sure this matters much...
Virtual Hosting is a Liability I was playing around with the What is Hosted on...






Care To Bang On The Keys ... ?

BECOME AN EGGHEAD. SUBSCRIBE TO OUR RSS FEED!

Learn to be as nerdy as we are by never missing our latest blog entries. Receive great tips, tricks, and ideas on improving your web site every day! Subscribe via our RSS Feed or use the chicklets in the sidebar.