Apache worm on the loose [LWN.net]

It is way past time to upgrade your Apache servers. A worm which takes advantage of the "chunk handling" vulnerability has been sighted, and its source has been publicly posted. For a list of distributor alerts, see the vulnerability report.

The June 2002 Netcraft Web Server Survey estimated that as of July 1st there were still "around 14 Million potentially vulnerable Apache sites."

ZDNet covered the worm with articles on its history and speculation on the potential for a new wave of network attacks. Robert Lemos chronicled the mildness of the worm's impact so far for CNET News.com in articles published June 28th and July 1st. Capture of the worm in a honeypot system was reported on June 28th.