[cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
- From: Chris Adams <cmadams@xxxxxxxxxx>
- Date: Sun Sep 15 10:48:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Once upon a time, E.B. Dreger <eddy+public+spam@xxxxxxxxxxxxxxxxx> said:
> GW> Date: Sun, 15 Sep 2002 10:57:36 -0400
> GW> From: Gerald Waugh
> GW> It will not affect SSH from pkgmaster as they used a 'static'
> GW> library (it's compiled into the package)
>
> Correct.

It will also not affect the most important thing: the Apache web
server's SSL support (which is what the worm targets), because that is
also compiled statically against OpenSSL.

Sun needs to release a security fix for this for all RaQs. RaQ3s and up
come with SSL, and we bought an SSL add-on from Cobalt for our RaQ1s and
RaQ2s (of which we still have a few in service).

Since the admin server runs as root and has SSL support on the RaQ3 and
up, this is a serious security threat (if someone wrote a worm that
targeted the admin server port they could get full root access to every
RaQ3 and up).
--
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
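
The distinction drawn in the message above (a fixed shared OpenSSL library does not reach a binary that has OpenSSL compiled in) can be checked per binary. The following is an added example, not part of the original post: a heuristic scan for OpenSSL's embedded version banner and for references to the shared libraries. The function names and the sample byte strings in the test are constructed for illustration.

```python
import re
import sys

# libcrypto carries a version banner such as "OpenSSL 0.9.6b 9 Jul 2001";
# a binary built statically against OpenSSL carries the same string.
BANNER = re.compile(rb"OpenSSL (\d+\.\d+\.\d+[a-z]*)")
# A dynamically linked ELF names the libraries it needs as plain strings.
SHARED = re.compile(rb"lib(?:ssl|crypto)\.so[0-9.]*")


def openssl_linkage(data: bytes) -> dict:
    """Classify how a binary image uses OpenSSL (heuristic, string based)."""
    versions = sorted({m.group(1).decode() for m in BANNER.finditer(data)})
    shared = sorted({m.group(0).decode() for m in SHARED.finditer(data)})
    if shared:
        # A shared-library reference wins: a banner next to it is assumed
        # to be a compile-time version string, not embedded library code.
        kind = "shared"
    elif versions:
        kind = "embedded"
    else:
        kind = "none"
    return {"linkage": kind, "versions": versions, "shared_libs": shared}


def needs_rebuilt_package(result: dict) -> bool:
    """True when updating the system OpenSSL library cannot fix this binary."""
    return result["linkage"] == "embedded"


def scan(paths):
    """Yield (path, result) for each readable file in paths."""
    for path in paths:
        with open(path, "rb") as fh:
            yield path, openssl_linkage(fh.read())


if __name__ == "__main__":
    # Usage: python scan_openssl.py /path/to/httpd /path/to/sshd ...
    for path, res in scan(sys.argv[1:]):
        action = ("needs a rebuilt package" if needs_rebuilt_package(res)
                  else "follows the system library" if res["linkage"] == "shared"
                  else "no OpenSSL strings found")
        print(f"{path}: {res['linkage']} {res['versions']} "
              f"{res['shared_libs']} -> {action}")
```

A "shared" result still requires restarting the service after the library is updated, and a stripped or packed binary can hide both kinds of string, so "none" is not proof of absence.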