Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-039: httpd Security Update

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-039: httpd Security Update
# 1  
Old 01-23-2008
S-039: httpd Security Update
A flaw was found in the Apache HTTP Server mod_proxy module. The risk is MEDIUM. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Clearify what it means under 'WHAT' when hit the 'w'-command

I wonder how I shall read the result below, especially 'what' shown below. The result was shown when I entered 'w'. E.g what is TOP? What is gosh ( what does selmgr mean?)? login@ idle JCPU PCPU what 6:15am 7:04 39 39 TOP 6:34am 6:45 45 45 TOP 6:41am ... (1 Reply)
Discussion started by: Aelgen
1 Replies
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

apachectl

APACHECTL(8)							     apachectl							      APACHECTL(8)

NAME

       apachectl - Apache HTTP Server Control Interface

SYNOPSIS

       When acting in pass-through mode, apachectl can take all the arguments available for the httpd binary.

       apachectl [ httpd-argument ]

       When acting in SysV init mode, apachectl takes simple, one-word commands, defined below.

       apachectl command

SUMMARY

       apachectl  is  a  front	end  to the Apache HyperText Transfer Protocol (HTTP) server. It is designed to help the administrator control the
       functioning of the Apache httpd daemon.

       The apachectl script can operate in two modes. First, it can act as a simple front-end to the httpd command that simply sets any  necessary
       environment  variables and then invokes httpd, passing through any command line arguments. Second, apachectl can act as a SysV init script,
       taking simple one-word arguments like start, restart, and stop, and translating them into appropriate signals to httpd.

       If your Apache installation uses non-standard paths, you will need to edit the apachectl script to set the appropriate paths to	the  httpd
       binary. You can also specify any necessary httpd command line arguments. See the comments in the script for details.

       The apachectl script returns a 0 exit value on success, and >0 if an error occurs. For more details, view the comments in the script.

OPTIONS

       Only the SysV init-style options are defined here. Other arguments are defined on the httpd manual page.

       start  Loads the org.apache.httpd launchd job.

       stop, graceful-stop
	      Unloads the org.apache.httpd launchd job.

       restart, graceful
	      Unloads, then loads the org.apache.httpd launchd job.

       fullstatus
	      Displays a full status report from mod_status. For this to work, you need to have mod_status enabled on your server and a text-based
	      browser such as lynx available on your system. The URL used to access the status report can be set by editing the STATUSURL variable
	      in the script.

       status Displays	a  brief status report. Similar to the fullstatus option, except that the list of requests currently being served is omit-
	      ted.

       configtest
	      Run a configuration file syntax test. It parses the configuration files and either reports Syntax Ok or detailed	information  about
	      the particular syntax error. This is equivalent to apachectl -t.

       The following option was available in earlier versions but has been removed.

       startssl
	      To  start httpd with SSL support, you should edit your configuration file to include the relevant directives and then use the normal
	      apachectl start.

Apache HTTP Server						    2018-07-06							      APACHECTL(8)