20 Jun
2002
20 Jun
'02
15:24
Hi there... ----- Original Message ----- From: "Alan Rouse" <ARouse@n2bb.com> To: <suse-security@suse.com> Sent: Thursday, June 20, 2002 4:54 PM Subject: [suse-security] SuSE Apache patch sufficient?
Yesterday's SuSE advisory (Apache chunk handling) indicates their belief that:
However, the exploit posted this morning on vulnwatch indicates that such an exploit exists against Linux.
Again: No, the exploit posted on vulnwatch this morning works agains xBSD only. Sure, it is a "proof of concept" - so it wont take long 'till there is one working against Linux based systems. But you've got some time to get a new Apache running - and the SuSE suggests to update to 1.3.26 so do I,
Thank you.
no problem ;-) Andreas