[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild

Subject: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Sat, 29 Jun 2002 01:07:33 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Bruce,

> Actually, the RaQ3 patch is _supposed_ to upgrade Apache to 1.3.20... I
> haven't looked to see if that actually made it into the patch or not
> though.

Now that would be cool. The last time I looked at the unsupported RPM / SRPM 
for the RaQ3 with the chunked encoding fixed which you guys had uploaded it 
still showed Apache-1.3.6. However, the way you've got Apache-1.3.20 locked 
down it would really make sense to go for 1.3.20 on the RaQ3.

-- 

Mit freundlichen Grüßen / With best regards

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
  - From: Rick Ewart
- Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
  - From: Michael Stauber
- Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
  - From: Bruce Timberlake

Prev by Date: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
Next by Date: [cobalt-security] Apache pkgs
Previous by thread: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
Next by thread: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index