Bug in all apache ve
This is very seriuos problem wich can give to remotly attackers abilty to control server trough this exploit.
More informatio can be founded on
http://httpd.apache.org/info/security_bulletin_20020617.txt
According to this advisory owner of 32 bit UNIX platform should not be
affected with this problem.
Signed,
Dzevad Hadzic
[quote:b52e5274c6][i:b52e5274c6]Originally posted by zex[/i:b52e5274c6]
This is very seriuos problem wich can give to remotly attackers abilty to control server trough this exploit.
More informatio can be founded on
http://httpd.apache.org/info/security_bulletin_20020617.txt
According to this advisory owner of 32 bit UNIX platform should not be
affected with this problem.
[/quote:b52e5274c6]
32 bit macines (intel based machines) are affected to some extent. You can starve the system by using this hole in apache and bring a server to its knees. We are working on a new buildapache.sea, however we are waiting for the modssl people to release a new version that works with the new apache.
[quote:4a02d1e511][i:4a02d1e511]Originally posted by bdraco[/i:4a02d1e511]
32 bit macines (intel based machines) are affected to some extent. You can starve the system by using this hole in apache and bring a server to its knees. We are working on a new buildapache.sea, however we are waiting for the modssl people to release a new version that works with the new apache.[/quote:4a02d1e511]
Wich new apache 1.3.x or 2.x ?
If it is 1.3.x does that mean that people from apache fundation are made some heavy modifications to the apache wich is not comaptibily with older mod_ssl ?
Signed,
Dzevad Hadzic
Just thought I'd point out that there is now a version of mod_ssl compatible with apache 1.3.26.
www.modssl.org
That means that we can espect new apachebuild soon
Signed,
Dzevad Hadzic
LinkBack URL
About LinkBacks
Reply With Quote