[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?

Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
From: Chris (CJ) Johnson <cj.johnson@xxxxxxx>
Date: Mon Sep 16 14:06:02 2002
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

    There is a patch in process for this issue, but a
    footnote is that the recent Sun Cobalt products that
    have included the Security Hardening fixes ought to
    be immune to this attack.

    These include the recent RaQ 550 and the latest Qube
    software update.  These systems have a version of
    Apache with a stackguard buffer overflow detector.

    To verify whether you have the stackguarded version,
	% rpm -q -f /usr/sbin/httpd
	apache-1.3.20-Alpine_1C8stackguard.i386.rpm

    The "stackguard" in the package name means that this
    executable has been protected.

    If a stackguarded binary is attacked, there should be
    a log message in the system log.

    cj*

Follow-Ups:
- Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
  - From: Blacknight Solutions

Prev by Date: [cobalt-developers] Active Monitor showing disk problem
Next by Date: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
Previous by thread: RE: [cobalt-developers] Re: OpenSSL patch for Linux worm?
Next by thread: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index