A serious vulnerability in Apache’s HTTP web server that enables the attacker to gain remote access to the server and total control of a database, has been discovered by Brett Gervasoni, a researcher and consultant with Sense of Security Labs.
The bug is localized in the Apache’s core “mod_isapi” module, and can be exploited to give access and system privileges to the attacker, which means that data can be manipulated, deleted or stolen.
ZDNet Australia reports that the solution for the problem is simple – the user just needs to upgrade to the latest version of the software (2.2.15). It is recommended that all users do so as soon as possible, since it is difficult to tell if they have been targeted.
Jason Edelstein, the spokesman for Sense of Security, says that for this bug to be exploited, the attacker must know how to write a “high level piece of code”, making less likely – but not implausible – the possibility that such an attack had already been or will be used “in the wild”.
“Whilst in the past it was more overt and attackers would deface website pages, they’re more likely now to conceal their access to maintain their foothold,” he said.