[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] (no subject)

Subject: RE: [cobalt-security] (no subject)
From: "Tony" <isplists@xxxxxxxxxxxx>
Date: Thu, 4 Jul 2002 12:43:54 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

+On Thursday 04 July 2002 10:56 am, Rick wrote:
+> Hi,
+> Though i have applied the patch for apache2
+> it still shows as
+>
+> [root init.d]# httpd -v
+> Server version: Apache/1.3.20 Sun Cobalt (Unix)
+> Server built:   Jun 20 2002 19:23:53
+>
+
+Yes, but look at the DATE
+
+-- 
+Gerald Waugh 


The date is also correct:

On a patched Raq4:

Server version: Apache/1.3.20 Sun Cobalt (Unix)
Server built:   Jun 20 2002 19:23:53


Pre-patch:

Server version: Apache/1.3.20 Sun Cobalt (Unix)
Server built:   Jul 23 2001 14:55:10


First announcement to BugTraq of Apache bug: June 17 2002
(see below)


-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Advisory
June 17, 2002

Remote Compromise Vulnerability in Apache HTTP Server

Synopsis:

ISS X-Force has discovered a serious vulnerability in the default
version of Apache HTTP Server. Apache is the most popular Web server and
is used on over half of all Web servers on the Internet. It may be
possible for remote attackers to exploit this vulnerability to
compromise Apache Web servers. Successful exploitation may lead to
modified Web content, denial of service, or further compromise.

<snip>-

Follow-Ups:
- Re: [cobalt-security] (no subject)
  - From: Tom Worley

References:
- Re: [cobalt-security] (no subject)
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] (no subject)
Next by Date: Re: [cobalt-security] (no subject)
Previous by thread: Re: [cobalt-security] (no subject)
Next by thread: Re: [cobalt-security] (no subject)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index