Oracle out-of-band patch release to prevent Apache DoS exploits
The Internet Storm Center shares an important emergency release that corporations should apply expediently:
Oracle Emergency Patch for CVE-2011-3192 has been released!
QUOTE: This security alert addresses the security issue CVE-2011-3192, a denial of service vulnerability in Apache HTTPD, which is applicable to Oracle HTTP Server products based on Apache 2.0 or 2.2. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A remote user can exploit this vulnerability to impact the availability of un-patched systems. The bug is serious enough for Oracle to issue the patch outside of its usual large quarterly updates, the next of which is scheduled for Oct. 18.