[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] My updated RaQ2s show vulnerable
- Subject: [cobalt-users] My updated RaQ2s show vulnerable
- From: Glenn Parsons <gparsons@xxxxxxxxxxxxx>
- Date: Tue Jul 2 15:14:00 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Hello All,
I updated the Retina chunked scanner from http://www.eeye.com and
re-scanned my servers after seeing the posts the other day. My RaQ2s, which
have been patched to the latest Apache patch, still show up vulnerable.
From the command-line of one RaQ2:
[admin admin]$ httpd -V
Server version: Apache/1.3.3 Cobalt (Unix) (Red Hat/Linux)
Server built: Jun 24 2002 22:16:13
Server's Module Magic Number: 19980917:0
Server compiled with....
-D HAVE_MMAP
-D HAVE_SHMGET
-D USE_SHMGET_SCOREBOARD
-D USE_MMAP_FILES
-D USE_FLOCK_SERIALIZED_ACCEPT
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D SHARED_CORE_DIR="/usr/lib/apache"
-D DEFAULT_PIDLOG="/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="/var/run/httpd.scoreboard"
-D DEFAULT_LOCKFILE="/var/run/httpd.lock"
-D DEFAULT_XFERLOG="/var/log/httpd/access_log"
-D DEFAULT_ERRORLOG="/var/log/httpd/error_log"
-D TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
-D ACCESS_CONFIG_FILE="conf/access.conf"
-D RESOURCE_CONFIG_FILE="conf/srm.conf"
[admin admin]$ httpd -v
Server version: Apache/1.3.3 Cobalt (Unix) (Red Hat/Linux)
Server built: Jun 24 2002 22:16:13
[admin admin]$
Any comments?
Thanks,
Glenn