DoS: Apache 1.3 all versions including 1.3.24, Apache 2 all versions up to 2.0.36

Ivo ivo at
Tue Jun 18 08:16:28 PDT 2002

On Tue, Jun 18, 2002 at 04:05:45PM +0100, James Spinks wrote:
> According to the CERT Advisory...
>    The Apache Software Foundation has released two new versions of Apache
>    that correct this vulnerability. System administrators can prevent the
>    vulnerability  from  being  exploited  by  upgrading to Apache version
>    1.3.25  or  2.0.39.  The new versions of Apache will be available from
>    their web site at 

It's not there yet.. However the latest 1.3 CVS snapshot [1] does identify
itself as 1.3.25. I'm not sure if this bug is fixed though.


Unsubscribe: send email to listar at
and put 'unsubscribe lfs-security' in the subject header of the message

More information about the lfs-security mailing list