Google
  Web www.spinics.net

Re: slapper worm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jesse Keating wrote:
> 
> James, what is in your package that we haven't included in our Apache?
> I was under the assumption that we had fixed all the CVEs related to the
> slapper worm and that our users were safe.  If this isn't the case, we
> have a severe problem and need to fix this immediately.
> 
> 
> 
> ------------------------------------------------------------------------

Jesse,

Hi.  I think it was fixed with the updates to perl by the update.  But,
that said, he could have a WebAdmin install that makes him vulnerable again.

My version takes care of the mod_ssl issue he already disabled.  FC1
doesn't have a fix or if so it hasn't gone through QA yet.
My version does add the mod_security module to Apache which should help
with this and other worms that try to access via this type of method.

James
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD1VSAkNLDmnu1kSkRAuV5AJ4tHYj1a7HHknypuE0F0UhJyYDL7QCeKHDq
DB1v27kblhsQGeIJdpyGEjI=
=ywd9
-----END PGP SIGNATURE-----
-- 
Scanned by ClamAV - http://www.clamav.net

--

fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Free Internet Dating]     [Yosemite Questions]

Powered by Linux