[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] openssl exploitable still?
- Subject: Re: [cobalt-security] openssl exploitable still?
- From: "lists" <lists@xxxxxxxxxxxxxxxx>
- Date: Tue, 17 Feb 2004 14:40:13 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I upgraded apache/php4.3.3 manually a few months back, perhaps I didnt
include a new openssl?
my httpd.conf has LoadModule ssl_module modules/libssl.so
Doesnt that mean my openssl/modssl is external library which can be upgraded
without redoing apache/php4.3.3 and whatnot all over?
Thanks
Dave
----- Original Message -----
From: "Dmitry Alexeyev" <dmi_a@xxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Tuesday, February 17, 2004 2:32 PM
Subject: Re: [cobalt-security] openssl exploitable still?
>
> > This is a RaQ550, I have all patches regarding ssh, ssl and apache
> > applied
>
> By the way, I don't see any critical messages in this part of the log
> you provided... Why do you think it's valnurable?
>
> Best way to check would be download the exploit and test it on your
> server watching into logs ;-)
>
> Dmitry
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>