[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Apache Chunked Vulnerability and Cobalt servers

Subject: Re: [cobalt-users] Apache Chunked Vulnerability and Cobalt servers
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri Jun 21 14:41:27 2002
Organization: Front Street Networks LLC
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

On Friday 21 June 2002 11:22 am, Chad wrote:

"This follow-up to our earlier advisory is to warn of known-exploitable 
conditions related to this vulnerability on both 64-bit platforms and 32-bit 
platforms alike. Though we previously reported that 32-bit platforms were not 
remotely exploitable, it has since been proven by Gobbles that certain 
conditions allowing exploitation do exist."

"Due to the existence of exploits circulating in the wild for some platforms, 
the risk is considered high. The Apache Software Foundation has released 
versions 1.3.26 and 2.0.39 that address and fix this issue, and all users are 
urged to upgrade immediately. These versions are available for download; see 
below."

OK!!!
I am going to update my httpd, and restrict use to ahtpd to my ip addresses

-- 
Gerald Waugh 
http://frontstreetnetworks.com  SOHO Networks & Web Site Hosting
Front Street Networks LLC     voice +1 203 785 0699 * fax +1 203 785 1787
229 Front Street, Ste. #C, New Haven CT 06513-3203

References:
- [cobalt-users] Apache Chunked Vulnerability and Cobalt servers
  - From: Chad

Prev by Date: Re: [cobalt-users] Problem With Web Server
Next by Date: RE: [cobalt-users] Apache Chunked Vulnerability and Cobalt servers
Previous by thread: [cobalt-users] Apache Chunked Vulnerability and Cobalt servers
Next by thread: RE: [cobalt-users] Apache Chunked Vulnerability and Cobalt servers

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index