Prob. updating EmailServer II for apache vuln?
Is there a specific update for the Apache buffer overflow for SuSE eMail Server II? I attempted to update is as though it were a SuSE7.0 server (And then later tried the 7.1 updates) and received Segmentation faults from the httpd children each time i tried to access. Originally installed (before update) was: Apache 1.3.12-128 mod_ssl-2.6.6-128 Anyone else updated their SuSE II mail server? Clues? thanks Nathan
Nathan Fain wrote:
Is there a specific update for the Apache buffer overflow for SuSE eMail Server II?
I attempted to update is as though it were a SuSE7.0 server (And then later tried the 7.1 updates) and received Segmentation faults from the httpd children each time i tried to access.
Originally installed (before update) was: Apache 1.3.12-128 mod_ssl-2.6.6-128
Anyone else updated their SuSE II mail server? Clues? thanks
Nope. It didn't work for me either. But: Chris Bailiff posted a small Apache-DSO on bugtraq (blowchunk), which rejects all traffic requesting chunked transfers. It's the last Attachment in http://online.securityfocus.com/archive/1/278281/2002-06-16/2002-06-22/2. Works here - at least until a *real* fix is possible. Ralph
participants (2)
-
Nathan Fain
-
Ralph Angenendt