
Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild



Michael -
Thanks so much for your prompt reply - A sign of a true professional.

Another quick question for you.
Last week we added blow_chunks.c to our apaches using apxs.  Do you see any
problem with this being the case?  Any need to remove blow_chunks from the
current server prior to doing the upgrade?

Many thanks in advance.

Rick Garica

----- Original Message -----
From: "Michael Stauber" <cobalt@xxxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Friday, June 28, 2002 3:39 PM
Subject: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild


> Hi Rick,
>
> > Do you happen to know what version the Apache update 2.0.1 updates apache
> > to?
>
> The Apache version remains unchanged after you install that patch. So on a
> RaQ3 you'll still have Apache-1.3.6, on an RaQ4, XTR and RaQ550 you'll still
> have Apache-1.3.20.
>
> All SUN/Cobalt did here was to implement a patch which fixes the chunked
> encoding issues. It was complicated enough - especially on the RaQ3, sure
> thing.
>
> > Also - what is your recommendation for installing this Apache update?  I
> > have seen you post in the past that you do your updates through ssh - would
> > you recommend the same for this upgrade and if so, do you think you could
> > be so kind as to list the instructions for the Raq4?
>
> No problem. We do it step by step:
>
> Login by SSH or Telnet as user admin. Then do the following:
>
> su -
> (enter admin password again)
> cd /home/packages
> wget <URL of the patch>
> /usr/local/sbin/cobalt_upgrade <filename>
>
> That's it.
>
> With "wget" you can download files from the internet to your RaQ. With
> "/usr/local/sbin/cobalt_upgrade" you can install patches manually from the
> shell. However, if you download them to "/home/packages", then you could also
> apply them through the GUI in the "preloaded" pulldown menu.
>
> --
>
> Mit freundlichen Grüßen / With best regards
>
> Michael Stauber
> mstauber@xxxxxxxxxxxxxx
> Unix/Linux Support Engineer
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>