[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Denial of Service Update 2.5

Subject: [cobalt-security] Denial of Service Update 2.5
From: Rod Todd <rodd_todd_1999@xxxxxxxxx>
Date: Fri, 13 Oct 2000 15:07:42 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello, we just checked out Brosoft's website and
wanted to confirm if anyone has installed their
security patch and if it is recommended from the
group:

SSL-related Upgrades: 
 
Security: Denial of Service Update 2.5 This security
update fixes a denial of service(DoS) attack problem
with Apache. Using a bug in the HTTP headers, anyone
can call certain urls, that will result in Apache
1.3.3 consuming all system resources. This DoS attack
can affect any Apache 1.3.3 web server. Applies only
to Apache 1.3.3, Apache 1.3.1 is not vulnerable to
this type of attack. Installing this update will
eliminate the vulnerability to DoS attack. 
This package is based on Cobalt Networks package but
only updates the Web-server not the adminserver as the
one we deliver is based on 1.3.4 and not vulnerable to
this DoS problem. 

Qube2-Security-2.5-brosoft.pkg 


Cheers
rodd,
---------
"Sure, some year we will blow it. I mean companies
don't last forever." -Bill Gates on the longevity of Microsoft

__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/

Prev by Date: Re: [cobalt-security] 'proftpd-inetd appears to be from newer version' message (cross posted)
Next by Date: Re: [cobalt-security] Secure way to backup MIPS machines with SMB
Previous by thread: [cobalt-security] Denial of Service Update 2.5
Next by thread: [cobalt-security] 'proftpd-inetd appears to be from newer version' message (cross posted)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index