
RE: [cobalt-security] Re: [cobalt-users] [RaQ4] FYI: Apache & SSL Update 2.0.1



<snip>
>> Apache/1.3.20 Sun Cobalt (Unix) mod_jk mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.1.2 
>> mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25

>> Are we back to OpenSSL/0.9.6b?
>> [root src]# openssl
>>OpenSSL> version
>>OpenSSL 0.9.6b 9 Jul 2001
>>OpenSSL> quit
</snip>

I've just done this to our RaQ4 here, and same as Gerald, openssl seems to be STILL on 0.9.6b (I hadn't applied previous patches, just done some blocking and prayed!)
Any ideas what's gone wrong here?
[root /root]# rpm -qi openssl
Name        : openssl                      Relocations: (not relocateable)
Version     : 0.9.6b                            Vendor: (none)
Release     : 8                             Build Date: Mon 25 Feb 2002 11:21:44 AM GMT
Install date: Mon 25 Feb 2002 03:34:20 PM GMT      Build Host: rev66.cobalt
Group       : System Environment/Libraries   Source RPM: openssl-0.9.6b-8.src.rpm
Size        : 3102671                          License: BSDish
URL         : http://www.openssl.org/
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Notice the build dates? I'm guessing my RPM hasn't been updated for some reason :(
Mind you, I've just extracted the PKG, and found the RPMs in there are:
apache-1.3.20-RaQ4_1C4stackguard.i386.rpm
apache-admsrv-1.3.20-RaQ4_1C4stackguard.i386.rpm
apache-devel-1.3.20-RaQ4_1C4stackguard.i386.rpm
apache-mod_perl-1.3.20-RaQ4_1C4stackguard.i386.rpm
apache-openssl-1.3.20-RaQ4_1C4stackguard.i386.rpm

Where's openssl ???

Anyone want to enlighten me as to what's just occurred? I'm presuming that my Apache has been patched... somehow... and is not vulnerable.
I also would like to know a DEFINITIVE way of testing for this vuln, because getting host headers isn't a reliable means from what I can tell (esp. when I've hidden those ages ago so they're set to Minimal)

Many thanks for anyone who can shed some light...

Regards,

Andy
andy@xxxxxxxxxx
http://www.raqpak.com/ <-- Raq/Qube unofficial PKGs and support advice