[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Fw: [SECURITY] Remote exploit for 32-bit Apache HTTP Server known
- Subject: Re: [cobalt-security] Fw: [SECURITY] Remote exploit for 32-bit Apache HTTP Server known
- From: Tom Worley <raq@xxxxxxxxxxxx>
- Date: Fri, 21 Jun 2002 22:46:39 +0100
- Organization: Worley Web Solutions
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Saturday 22 June 2002 12:40 am, Paul Wilson wrote:
> This says it is for Apache on Windows, not on Redhat or Cobalt servers. My
> understanding is that we don't have this problem here. Am I right or
> wrong?
The code in the link on this page suggests otherwise:
http://online.securityfocus.com/archive/1/277830/2002-06-17/2002-06-23/0
Come on Sun/Cobalt!! Get your act together!
UK2 told me they talked to someone from sun/cobalt who didn't even know about
the apache exploit. I forwarded my post I sent a while back to Tim Hockin
(the guy who does the raq kernels) and he said he's passed it on to the
security guys, so *they* must know about it now, but nobody has heard
anything offical from cobalt about it at all!
There are lots of people on my mailing list who are manually upgrading their
RaQ3s to 1.3.26, successfully I might add, but I think an offical update is
seriously needed.
--
Regards,
Tom Worley, Worley Web Solutions
RaQ Maintenance http://worleyweb.net
RaQ server help: http://uk2raq.com
RaQ backup: http://uk2raq.com/backup.php
TA2 game: http://totalannihilation2.com
Flying Linux in space: http://projectmist.org