[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] openssl exploitable still?

Subject: Re: [cobalt-security] openssl exploitable still?
From: Dmitry Alexeyev <dmi_a@xxxxxxxxxx>
Date: Tue, 17 Feb 2004 23:47:07 +0300
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

AFAIK, your steps should be: 
1) build new openssl, take some from redhat and rpm --rebuild 
package.src.rpm, then go to /usr/src/redhat/RPMS/i386 and install it

2) Download new mod_ssl source from http://www.modssl.org/

3) # cd mod_ssl-2.8.15-1.3.29
# ./configure --with-apache=../apache_1.3.29 --with-ssl=/usr 
--enable-shared=ssl \
              --with-mm=/usr/local

...something like this. 

Dmitry

> Well someone knows then, I am getting pages defaced (hidden IFRAMES
> for popups) and around the same time i get SSL handshake errors..
>
> How can I compile mod_ssl outside of apache?

Follow-Ups:
- Re: [cobalt-security] openssl exploitable still?
  - From: lists

References:
- [cobalt-security] openssl exploitable still?
  - From: lists
- Re: [cobalt-security] openssl exploitable still?
  - From: Dmitry Alexeyev
- Re: [cobalt-security] openssl exploitable still?
  - From: lists

Prev by Date: Re: [cobalt-security] openssl exploitable still?
Next by Date: Re: [cobalt-security] openssl exploitable still?
Previous by thread: Re: [cobalt-security] openssl exploitable still?
Next by thread: Re: [cobalt-security] openssl exploitable still?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index