News

Half of all Web sites vulnerable to attack

Eric Doyle
More than half of the Web servers in use today could be vulnerable to worm attacks, according to UK vulnerability testing site Netcraft.

In the Microsoft Internet Information Services (IIS) world, Netcraft tests showed that more than half of the servers currently in use do not appear to have disabled HTR features following Microsoft's warnings about an HTR chunked encoding buffer overrun vulnerability put out on 10 June.

HTR scripts allow users to change passwords and allow administrators to perform various password management tasks. Carefully encoded HTR scripts could allow a hacker to plant malicious code such as a worm.

Although Netcraft cannot say for certain whether the patch has been applied to any of these servers, the company assumes that many will not have been patched.

Chunked encoding is also a vulnerable area on Apache Web servers, and on 17 June a warning was issued. According to Netcraft, more than six million sites have taken immediate action but this leaves 14 million still vulnerable.

Netcraft said, "Conditions are ripe for an epidemic of attacks against both Microsoft IIS and Apache-based sites." As if to illustrate Netcraft's point, an Internet worm called Scalper has started attacking Apache Web servers running on the FreeBSD operating system. The worm scans for vulnerable sites and installs a backdoor through which a hacker could penetrate a system. This may be the thin end of a wedge that could prise open other Unix-like systems.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy