The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

APACHE REMOTE EXPLOIT

Discussion in 'EasyApache' started by bdraco, Jun 25, 2002.

  1. bdraco

    bdraco Guest

    Its been previously discussed on here already, but I'd like to make sure everyone understands this. The denial of service attack that people have been mentioning about apache is a remote exploit. You should upgrade your system with buildapache.sea ASAP.

    http://online.securityfocus.com/archive/1/277830
     
  2. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    Hey nick .. you have 1.3.24 on this box ..is that safe? I see 1.3.26 on the cpanel.net cpanel based box.

    Just curious ...we need 1.3.26 .. ASAP everywhere right? 1.3.24 does that stop that exploit?
     
  3. Cscarlet

    Cscarlet Active Member

    Joined:
    Jul 3, 2002
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    6
    i don't know myself but think it wise to upgrade to the latest version anyway
     
  4. abandoned User

    Joined:
    Sep 16, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Only 1.3.26 fixes the hole
     
  5. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    [quote:5f3ed2bb00][i:5f3ed2bb00]Originally posted by CPanel User[/i:5f3ed2bb00]

    Only 1.3.26 fixes the hole[/quote:5f3ed2bb00]

    Incorrect. Many distributions have patched their bundled versions of Apache. Mandrake, for example, released a 1.3.24 rpm upgrade that patches the hole as well.

    Jaz
     
  6. abandoned User

    Joined:
    Sep 16, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    You mean 1.3.23.
     
  7. dzevad

    dzevad Well-Known Member

    Joined:
    Oct 7, 2001
    Messages:
    95
    Likes Received:
    0
    Trophy Points:
    6
    Is everything ok with buildapache.sea or fp-5.0-upgrade.sea ? So far every time it installed without problems, now it stops saying:

    configure: error: Unable to find libgd.(a|so) anywhere under ../gd-1.8.4
    make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: *** No targets specified and no makefile found. Stop.
    make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: *** No rule to make target `install'. Stop.
    make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'

    I tried with fix fixheaders but didn't help. Shouldn't libgd come with apache?



    P.S.
    I just located libgd.so under /usr/lib

    /libgd.so.1
    /libgd.so.1.8
    /libgd.so.1.8.4
    /libgd.so
    /libgd.so.1.8.3

    How do I tell apache to look for it there?

    Thanks
     
  8. dzevad

    dzevad Well-Known Member

    Joined:
    Oct 7, 2001
    Messages:
    95
    Likes Received:
    0
    Trophy Points:
    6
    So any help on my previous post?
     
Loading...

Share This Page