Web server vulnerability uncovered

SGI machines running the Apache Web server on SGI's IRIX operating system are vulnerable to attack by hackers, who may be able to gain administrator-level access, the company has warned. SGI makes machines used for many functions, including scientific research and movie special effects. Many machines are used by government and defense organizations. The new flaws, originally announced Friday, affect IRIX versions 6.5.12, 6.5.13 and 6.5.14 running Apache versions earlier than 1.3.22. IRIX is SGI's proprietary version of the Unix operating system, while Apache is a widely used open-source Web server, installed and enabled by default on IRIX. SGI hasn't released a patch, but it recommends that people upgrade to an OS newer than 6.5.14, as these systems include a newer version of Apache in which the problems have been resolved. If the software can't be upgraded immediately, the company recommends disabling Apache. Matthew Broersma reported from London. Read the full story.