[NTLUG:Discuss] apache updates
Elequin
elequin at abyssal.org
Mon Jun 24 14:53:44 CDT 2002
Jay Urish wrote:
> no prob-- funny thing is that the scanner says 1.3.23 (what i'm running)
is
> vulnerable..
>
> I don't have time for a major root compromise right now...
Right, but the Apache patch that Mandrake is providing keeps the version
number of your installed Apache the same. Notice:
Mandrake Linux 8.2:
d4b8e74109a6a9a06b77f4ca00703cb4 8.2/RPMS/apache-1.3.23-4.1mdk.i586.rpm
The above is the updated fixed version that Mandrake is releasing to combat
this vuln. See that it's still Apache 1.3.23. The scanner just checks the
version of Apache running, it doesn't actually try the exploit, from what I
know. You should be good as long as you've done the recommended update.
- Eric
More information about the Discuss
mailing list