'There's a bug in the widely used Apache Web Server that causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other secrets, a freelance journalist has disclosed. The vulnerability can be triggered by querying a server with what's known as an OPTIONS request. Like the better-known GET and POST requests, OPTIONS is a type of HTTP method that allows users to determine which HTTP requests are supported by the server. Normally, a server will respond with GET, POST, OPTIONS, and any other supported methods. Under certain conditions, however, responses from Apache Web Server include the data stored in computer memory. Patches are available here and here.' -- source: https://arstechnica.com/information-technology/2017/09/apache-bug-leaks-cont... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/