[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] openssl exploitable still?
- Subject: Re: [cobalt-security] openssl exploitable still?
- From: "lists" <lists@xxxxxxxxxxxxxxxx>
- Date: Tue, 17 Feb 2004 15:29:32 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Well someone knows then, I am getting pages defaced (hidden IFRAMES for
popups) and around the same time i get SSL handshake errors..
How can I compile mod_ssl outside of apache?
./configure:Usage: ./configure [mod_ssl options] [APACI options]
mod_ssl feedback options:
--help ...this message [OPTIONAL]
--quiet ...configure totally quiet [OPTIONAL]
--verbose ...configure with verbosity [OPTIONAL]
--force ...configure with disabled checks [OPTIONAL]
--expert ...configure without user hints [OPTIONAL]
mod_ssl configure options:
--with-apache=DIR ...path to Apache 1.3.x source tree [REQUIRED]
--with-apxs[=FILE] ...path to APXS program [OPTIONAL]
--with-ssl=DIR ...path to OpenSSL source tree [OPTIONAL]
--with-mm=DIR ...path to MM source tree [OPTIONAL]
--with-crt=FILE ...path to SSL X.509 certificate file [OPTIONAL]
--with-key=FILE ...path to SSL RSA private key file [OPTIONAL]
--with-patch=FILE ...path to your vendor 'patch' program [OPTIONAL]
--with-eapi-only ...apply EAPI to Apache source only [OPTIONAL]
APACI configure options: [OPTIONAL]
--prefix=DIR ...installation prefix for Apache
--... ...see INSTALL file of Apache for more options!
Seems confusing.
Dave
----- Original Message -----
From: "Dmitry Alexeyev" <dmi_a@xxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Tuesday, February 17, 2004 3:11 PM
Subject: Re: [cobalt-security] openssl exploitable still?
> >
> > Doesnt that mean my openssl/modssl is external library which can be
> > upgraded without redoing apache/php4.3.3 and whatnot all over?
> >
>
> Yes. Just compile mod_ssl outside of apache.
> But you really should not worry about some public exploits - a cracker
> needs to know the addrees of free() function in your binary. If they
> have your httpd, they can exploit it.
>
> Dmitry
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>