APACHE REMOTE EXPLOIT

B

bdraco

Guest
Its been previously discussed on here already, but I'd like to make sure everyone understands this. The denial of service attack that people have been mentioning about apache is a remote exploit. You should upgrade your system with buildapache.sea ASAP.

http://online.securityfocus.com/archive/1/277830
 

rpmws

Well-Known Member
Aug 14, 2001
1,822
8
318
back woods of NC, USA
Hey nick .. you have 1.3.24 on this box ..is that safe? I see 1.3.26 on the cpanel.net cpanel based box.

Just curious ...we need 1.3.26 .. ASAP everywhere right? 1.3.24 does that stop that exploit?
 

Cscarlet

Active Member
Jul 3, 2002
31
0
156
i don't know myself but think it wise to upgrade to the latest version anyway
 

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
[quote:5f3ed2bb00][i:5f3ed2bb00]Originally posted by CPanel User[/i:5f3ed2bb00]

Only 1.3.26 fixes the hole[/quote:5f3ed2bb00]

Incorrect. Many distributions have patched their bundled versions of Apache. Mandrake, for example, released a 1.3.24 rpm upgrade that patches the hole as well.

Jaz
 

dzevad

Well-Known Member
Oct 7, 2001
95
0
306
Is everything ok with buildapache.sea or fp-5.0-upgrade.sea ? So far every time it installed without problems, now it stops saying:

configure: error: Unable to find libgd.(a|so) anywhere under ../gd-1.8.4
make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
make[1]: *** No targets specified and no makefile found. Stop.
make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
make[1]: *** No rule to make target `install'. Stop.
make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'

I tried with fix fixheaders but didn't help. Shouldn't libgd come with apache?



P.S.
I just located libgd.so under /usr/lib

/libgd.so.1
/libgd.so.1.8
/libgd.so.1.8.4
/libgd.so
/libgd.so.1.8.3

How do I tell apache to look for it there?

Thanks