[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] openssl exploitable still?
- Subject: Re: [cobalt-security] openssl exploitable still?
- From: Dmitry Alexeyev <dmi_a@xxxxxxxxxx>
- Date: Tue, 17 Feb 2004 23:51:53 +0300
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> I dont understand it..
>
> [root src]# openssl
> OpenSSL> version
> OpenSSL 0.9.7c 30 Sep 2003
> OpenSSL>
>
> But Apache still announces Server Version: Apache/1.3.20 Sun Cobalt
> (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6
Apache source RPM from Cobalt has openssl already in it, and it is
patched version 0.9.6.
I tried to rebuild it with recent apache/mod_perl/mod_ssl etc, but
failed, I guess this spec has to be rewritten completely from the
scratch, which I am planning to do tomorrow.
If your server keeps being defaced, then you have a bug somewhere in
CGI/PHP or even rootkit installed.
If you want me to check your server and fix this issue, please contact
me off-list - there's much to do with default Cobalt installation, I
have explored some really bad bugs there :|
(I am not sure it's apache fault actually. Bad handshake doesn't mean a
critical error in software - it's just someone with broken client)
Best Regards,
Dmitry