[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Apache Exploit problem - what have you done?

Subject: RE: [cobalt-users] Apache Exploit problem - what have you done?
From: Paul Jacobs <paul@xxxxxxxxxxxxxxxxxx>
Date: Mon Jun 24 14:18:00 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

At 01:40 PM 6/24/2002, you wrote:

<snip>
Perhaps, I'm wrong, but I get the distinct impression that all
the "software" at www.eeye.com does is look at the version of apache
that is returned for an HTTP connect (probably just a HEAD).
</snip>

It does check or else I wouldn't have gotten the "not vulnerable" message on
my 1.3, which is less than .26 after patching it or, much less, seen such a
positive response on SANS list. I have been able to verify that 100% of the
"attempts" using the eEye.com software have actually been picked up and
logged. If there was no attempt to see if it was vulnerable via exploit then
the attempt would not be logged.


Now that's funny :) , sun does not even patch there own servers!

_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

References:
- RE: [cobalt-users] Apache Exploit problem - what have you done?
  - From: Jolley, Carl
- RE: [cobalt-users] Apache Exploit problem - what have you done?
  - From: Jonothon Ortiz

Prev by Date: Re: [cobalt-users] Apache Exploit problem - what have you done?
Next by Date: [cobalt-users] dealing with "ghost" PKG files
Previous by thread: RE: [cobalt-users] Apache Exploit problem - what have you done?
Next by thread: RE: [cobalt-users] Apache Exploit problem - what have you done?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index