[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
- Subject: Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Sun Sep 15 13:01:00 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
GW> Date: Sun, 15 Sep 2002 15:21:15 -0400
GW> From: Gerald Waugh
GW> How can you tell which openssl version apache (mod_ssl) is
GW> using?
http://www.netcraft.com/
_iff_ not hiding Ap version and modules from responses.
The other day, a family member was unsure if they should use a
place's online order form. A quick Netcraft run revealed Apache
1.3.20 + PHP 4.2.1 + OpenSSL 0.9.5a + other stuff. They've
upgraded Ap and dropped some extra modules, but still have
vulnerable SSL. ("But we have a secure server...")
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.