Web Hosting News

Indonitahost.com News


Apache HTTP Server Vulnerabilities

The Apache HTTP Server is developed under the direction of the Apache Software Foundation (ASF), a nonprofit organization conceived as the Apache Group in 1995. According to a 2004 Netcraft survey, 67 percent of all websites are running Apache.

Apache is not as vulnerable as IIS. Most of the vulnerabilities on Apache HTTP Server occur in the Windows port of this popular web server, but this port is not as prevalent on the Internet as the original UNIX/Linux version.

New vulnerabilities are discovered all the time. By the time this book goes to press, new vulnerabilities will most likely have been found. Most of the vulnerabilities are related to denial-of-service (DoS) attacks. To read about Apache vulnerabilities, check out the online publication Apache Week, which contains a database of all known vulnerabilities in the Apache web server.

The following are some of the popular attacks against Apache web servers:

Memory consumption DoS: An attacker could crash a server by sending an HTTP GET request whose MIME header contains multiple lines with numerous space characters.

SSL infinite loop: An attacker could cause a DoS attack by aborting an SSL connection and causing a child process to enter an infinite loop.

Basic authentication bypass: An attacker could gain access to restricted resources without having authenticated to the server. This flaw is found only in Apache 2.0.51 and is caused by a defect in the code that prevents the merging of the Satisfy directive. The Satisfy directive grants users access to a server with a username and password or client IP address.

IPv6 URI parsing heap overflow: Using the HTTP test tools created by Codenomicon, a leading provider of automated software testing tools, a malicious attacker could crash a server when an input validation error occurs in the Apache Portable Runtime library.
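A defender-side check for the basic authentication bypass item above, as an added example that is not part of the original article: it reads a version banner and an Apache configuration, lists every section whose access control depends on Satisfy, and flags them when the server reports 2.0.51. The banner, the configuration and all function names are constructed for illustration.

```python
import re
AFFECTED_VERSION = "2.0.51"  # the only release the article names for the Satisfy flaw

# Constructed sample inputs, not taken from any real server.
SAMPLE_BANNER = "Server version: Apache/2.0.51 (Unix)"
SAMPLE_CONF = """\
<Directory "/var/www/html/private">
    Require valid-user
    Order deny,allow
    Deny from all
    Allow from 192.0.2.0/24
    Satisfy Any
</Directory>
# Satisfy All  (commented out, must be ignored)
<Location "/status">
    Require valid-user
    Satisfy all
</Location>
"""

def apache_version(banner):
    """Extract 'x.y.z' from `httpd -v` output or a Server: header, else None."""
    m = re.search(r"Apache/(\d+\.\d+\.\d+)", banner)
    return m.group(1) if m else None

def satisfy_sections(conf_text):
    """Return (container, satisfy_value, line_number) for each active Satisfy directive."""
    found, stack = [], []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # skip blanks and comments
        if line.startswith("</"):
            del stack[-1:]                # leave the innermost container, if any
        elif line.startswith("<"):
            stack.append(line.strip("<>"))
        else:
            parts = line.split()
            if parts[0].lower() == "satisfy" and len(parts) > 1:
                where = stack[-1] if stack else "(top level or .htaccess)"
                found.append((where, parts[1].lower(), lineno))
    return found

def audit(banner, conf_text):
    """Flag the configuration when it relies on Satisfy on the affected release."""
    version = apache_version(banner)
    sections = satisfy_sections(conf_text)
    affected = version == AFFECTED_VERSION and bool(sections)
    return {"version": version, "affected": affected, "sections": sections}
```

Calling `audit(SAMPLE_BANNER, SAMPLE_CONF)` returns the detected version, an `affected` flag, and the container and line number of each Satisfy directive to review.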

