Apache DoS Bug Resurfaces, Spurring New Attacks
A bug in the way that the hugely popular Apache Web server handles some types of HTTP “range” header requests can enable a remote attacker to cause a denial-of-service condition on a vulnerable server. The flaw, which affects all versions of Apache 1.3 and Apache 2, reportedly already is being exploited in the wild and Apache Software Foundation officials are working on a fix for the bug, which is expected to be released within a few days.