[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Fw: [SECURITY] Remote exploit for 32-bit Ap ache HTTP Server known
- Subject: RE: [cobalt-security] Fw: [SECURITY] Remote exploit for 32-bit Ap ache HTTP Server known
- From: Jonah Keough <jonah@xxxxxxxxxxxx>
- Date: Fri, 21 Jun 2002 14:31:26 -0700
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
That's a misunderstanding that started when ISS initially released this
vulnerability, see the CERT advisory for details:
http://www.cert.org/advisories/CA-2002-17.html, it does indeed impact
Redhat, etc.,
--
Jonah Keough
-----Original Message-----
From: Paul Wilson [mailto:webguroo@xxxxxxxxxxxxxxx]
Sent: Friday, June 21, 2002 4:40 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Fw: [SECURITY] Remote exploit for 32-bit
Apache HTTP Server known
> > While testing for Oracle vulnerabilities, Mark Litchfield discovered a
> > denial of service attack for Apache on Windows. Investigation by the
> > Apache Software Foundation showed that this issue has a wider scope,
which
> > on some platforms results in a denial of service vulnerability, while on
> > some other platforms presents a potential remote exploit vulnerability.
This says it is for Apache on Windows, not on Redhat or Cobalt servers. My
understanding is that we don't have this problem here. Am I right or wrong?
Paul Wilson
webguroo@xxxxxxxxxxxxxxx
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.372 / Virus Database: 207 - Release Date: 6/20/2002
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security