Yesterday's SuSE advisory (Apache chunk handling) indicates their belief that:

"On 32bit architectures, this overflow cannot be exploited to inject code into the httpd process and gain access to the machine, because the overflow will always result in a segmentation fault, and the process will terminate."

However, the exploit posted this morning on vulnwatch indicates that such an exploit exists against Linux. This makes me wonder whether the SuSE patch is sufficient. (If they did not fully understand the threat, have they actually addressed it?)

What is the official SuSE answer to this question?

Thank you.

Hi there...

----- Original Message -----
From: "Alan Rouse" <ARouse@n2bb.com>
To: <suse-security@suse.com>
Sent: Thursday, June 20, 2002 4:54 PM
Subject: [suse-security] SuSE Apache patch sufficient?

> Yesterday's SuSE advisory (Apache chunk handling) indicates their belief that:
> However, the exploit posted this morning on vulnwatch indicates that such an exploit exists against Linux.

Again: No, the exploit posted on vulnwatch this morning works against xBSD only. Sure, it is a "proof of concept" - so it won't take long till there is one working against Linux based systems. But you've got some time to get a new Apache running - and SuSE suggests updating to 1.3.26, and so do I.

> Thank you.

no problem ;-)

Andreas

participants (2): Alan Rouse, Andreas Syska