On Sun, Jul 14, 2002 at 11:03:09PM +0200, Fabrizio Di Meo wrote:
I wouldn't be boring but how could I check the current patch in use on my system? If I query Apache it responds as : "Apache/1.3.20 Server at ..."
You can check the changelog in the RPM, as others have pointed out. There's also some Windows based scanner tool from eEye Security which basically does the following: $ telnet server 80 POST / HTTP/1.0 Transfer-Encoding: chunked AAAAAAAAAA An unfixed server would crash and close the connection when you do this (Beware: there seem to be configurations though where this does not happen, even for an unpatched server - this is from user feedback I received. I haven't been able to reproduce this, and it seems weird, but that doesn't mean it's impossible). Olaf