Apache HTTP Server – WindowsTechs.com

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Posted on January 18, 2024 by Cedric Pernet

The Androxgh0st malware botnet is used for victim identification and exploitation in targeted networks, as well as credentials collection. Read the FBI/CISA’s tips for protecting against this malware threat. Continue reading Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More→

PoC exploit for Carpe Diem Apache bug released

Posted on April 9, 2019 by Zeljka Zorz

Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a proper exploit. I added tons of comments, it is meant to be educational as well,… Continue reading PoC exploit for Carpe Diem Apache bug released→

Patched Apache flaw is a serious threat for web hosting providers

Posted on April 3, 2019 by Zeljka Zorz

Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via scripts and could allow unprivileged web host users to execute code with roo… Continue reading Patched Apache flaw is a serious threat for web hosting providers→

Optionsbleed bug makes Apache HTTP Server leak data from memory

Posted on September 20, 2017 by Zeljka Zorz

On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered in April 2014. Unlike Heartbleed, Optionsbleed (as Böck dubbed it) affects a relatively limited number of servers. About Optionsbleed (CVE-2017-9798) The bug affects Apache HTTP Server 2.2.x through 2.2.34 and 2.4.x through 2.4.27, and only those that sport a certain configuration in the .htaccess file. The vulnerability is actually a use after … More → Continue reading Optionsbleed bug makes Apache HTTP Server leak data from memory→