Apache基金會修補網頁伺服器HTTP Server的原始碼洩露弱點
支付動態 · 2024-07-11
7月初Apache基金會針對網頁伺服器系統HTTP Server發布更新,當中修補高風險層級漏洞CVE-2024-39884,若不處理,網頁伺服器就有可以面臨原始碼洩露的風險
上週Apache基金會發布2.4.61版網頁伺服器系統HTTP Server,主要是修補一項漏洞CVE-2024-39884,這項漏洞帶來的影響,是在handlers組態透過AddType設置時,有可能導致原始碼資訊洩漏的情況,在2.4.60版以前的HTTP Server都可能會曝險。
這項漏洞發生的原因,在於此網頁伺服器系統核心有個遞迴(regression)處理流程中,會忽略採用的部分舊版內容類型(content-type)。在AddType或類似的組態環境裡,某些間接請求檔案的情況,就有可能導致本機原始碼洩露的情況。
關於這項漏洞的嚴重程度,Apache基金會先將其列為高風險(Important)層級,但目前尚未公布CVSS風險評分。
Popular articles
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
British gambling levy rates confirmed for each vertical
Regulation
