Re: [cobalt-developers] Re: OpenSSL - what state is this in?
- From: Gerrit Ruesing <gerrit@xxxxxxxxxxxx>
- Date: Fri Sep 20 05:08:48 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Hi William,
/usr/sbin/openssl is the binary to organize your keys and
certificates. When your server key is created this program
is used. You can also create requests to a certification authority to
sign your key (e.g. Thawte, or other).
AFAIK there is no exploit for that. The worm uses the apache ssl
module which is statically linked to the openssl libraries (they are
included at compile time). The ssltest and openssl.cnf files
belong to the binary.
For a summary on the worm see:
http://www.securiteam.com/unixfocus/5PP0B2A8AA.html
So you can leave the files alone or upgrade to OpenSSL 0.9.6g
anyway.
- Gerrit
On Friday, September 20, 2002, at 10:37 AM, Ian McCall wrote:
Is this a Raq3??
It's a Raq 4.
When I looked at our Raq3 they had about 3 symlinks in the /usr/lib I think. You won't be able to just do an OpenSSL compile. You need to build next to apache.
It's these extraneous files lying around that are worrying me - I don't know what's using them. Fixing the symlink or copying some files around is easy enough, the trouble is that I don't know why they're actually -there-, or what upgrade mechanism broke the links, or whether putting 0.9.6g in might break anything.
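The message's point that a statically linked Apache SSL module carries its own copy of the OpenSSL code, whatever /usr/sbin/openssl is upgraded to, can be checked by reading the version banner compiled into a file. This is an added example, not part of the original message: the function names are hypothetical, the banner format ("OpenSSL 0.9.6b 9 Jul 2001") is an assumption about what the library embeds, and 0.9.6g is the upgrade target named in the message.

```shell
#!/bin/sh
# Added example (function names are hypothetical).

# Print each distinct OpenSSL version banner compiled into file $1.
# Assumes the usual banner text, e.g. "OpenSSL 0.9.6b 9 Jul 2001".
embedded_openssl_versions() {
    LC_ALL=C grep -a -o 'OpenSSL [0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*[a-z]*' "$1" |
        sed 's/^OpenSSL //' | sort -u
}

# Succeed if version $1 is older than $2 (N.N.N plus optional letter).
version_older() {
    a_num=${1%%[a-z]*}; a_let=${1#"$a_num"}
    b_num=${2%%[a-z]*}; b_let=${2#"$b_num"}
    old_ifs=$IFS; IFS=.
    set -- $a_num $b_num            # $1-$3: first version, $4-$6: second
    IFS=$old_ifs
    [ "$1" -ne "$4" ] && { [ "$1" -lt "$4" ]; return; }
    [ "$2" -ne "$5" ] && { [ "$2" -lt "$5" ]; return; }
    [ "$3" -ne "$6" ] && { [ "$3" -lt "$6" ]; return; }
    # Same numbers: no letter sorts before "a", "b" before "g", and so on.
    [ "$a_let" != "$b_let" ] &&
        [ "$(printf '%s\n%s\n' "$a_let" "$b_let" | LC_ALL=C sort | head -n 1)" = "$a_let" ]
}

# Report banners in file $1 older than version $2; return 1 if any was found.
check_embedded_openssl() {
    rc=0
    for v in $(embedded_openssl_versions "$1"); do
        if version_older "$v" "$2"; then
            echo "$1: embeds OpenSSL $v, older than $2"
            rc=1
        fi
    done
    return $rc
}

# Constructed bytes standing in for a statically linked module (not a real file).
sample=$(mktemp)
printf 'ELF\0pad\0OpenSSL 0.9.6b 9 Jul 2001\0pad\0' > "$sample"
check_embedded_openssl "$sample" 0.9.6g ||
    echo "embedded copy needs a rebuild, not just a new /usr/sbin/openssl"
rm -f "$sample"
```

To use it on a real system, pass the path of the Apache binary or SSL module in place of the constructed sample; the message does not give that path.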