The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

APACHE REMOTE EXPLOIT

Discussion in 'EasyApache' started by bdraco, Jun 25, 2002.

  1. bdraco

    bdraco Guest

    Its been previously discussed on here already, but I'd like to make sure everyone understands this. The denial of service attack that people have been mentioning about apache is a remote exploit. You should upgrade your system with buildapache.sea ASAP.

    http://online.securityfocus.com/archive/1/277830
     
  2. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    7
    Trophy Points:
    318
    Location:
    back woods of NC, USA
    Hey nick .. you have 1.3.24 on this box ..is that safe? I see 1.3.26 on the cpanel.net cpanel based box.

    Just curious ...we need 1.3.26 .. ASAP everywhere right? 1.3.24 does that stop that exploit?
     
  3. Cscarlet

    Cscarlet Active Member

    Joined:
    Jul 3, 2002
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    156
    i don't know myself but think it wise to upgrade to the latest version anyway
     
  4. abandoned User

    Joined:
    Sep 16, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Only 1.3.26 fixes the hole
     
  5. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Atlanta, GA
    [quote:5f3ed2bb00][i:5f3ed2bb00]Originally posted by CPanel User[/i:5f3ed2bb00]

    Only 1.3.26 fixes the hole[/quote:5f3ed2bb00]

    Incorrect. Many distributions have patched their bundled versions of Apache. Mandrake, for example, released a 1.3.24 rpm upgrade that patches the hole as well.

    Jaz
     
  6. abandoned User

    Joined:
    Sep 16, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    You mean 1.3.23.
     
  7. dzevad

    dzevad Well-Known Member

    Joined:
    Oct 7, 2001
    Messages:
    95
    Likes Received:
    0
    Trophy Points:
    306
    Is everything ok with buildapache.sea or fp-5.0-upgrade.sea ? So far every time it installed without problems, now it stops saying:

    configure: error: Unable to find libgd.(a|so) anywhere under ../gd-1.8.4
    make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: *** No targets specified and no makefile found. Stop.
    make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: Entering directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'
    make[1]: *** No rule to make target `install'. Stop.
    make[1]: Leaving directory `/root/fp-5.0-upgrade/buildapache/php-4.2.3'

    I tried with fix fixheaders but didn't help. Shouldn't libgd come with apache?



    P.S.
    I just located libgd.so under /usr/lib

    /libgd.so.1
    /libgd.so.1.8
    /libgd.so.1.8.4
    /libgd.so
    /libgd.so.1.8.3

    How do I tell apache to look for it there?

    Thanks
     
  8. dzevad

    dzevad Well-Known Member

    Joined:
    Oct 7, 2001
    Messages:
    95
    Likes Received:
    0
    Trophy Points:
    306
    So any help on my previous post?
     
Loading...

Share This Page