Mailinglist Archive: opensuse-security (499 mails)

Re: [suse-security] Apache update
  • From: "ts" <ts@xxxxxxxxxx>
  • Date: Tue, 18 Jun 2002 05:17:41 -0500
  • Message-id: <3d0f08c5.49e7.1804289383@xxxxxxxxxx>
> * bliss@xxxxxxxxx wrote on Tue, Jun 18, 2002 at 04:26 +0000:
> > I am not certain if this is the exploit you are talking
> > about. There was no link included in the email which you
> > sent.

No, sorry bout that. I did mention the slashdot story however,
which is still in the "current" queue.

> > But, the XForce email announcing an exploit
> > (assumed to be what you are talking about here),
> > specifically states:
> >
> > > > X-Force has verified that this issue is exploitable on Apache for
> > > > Windows (Win32) version 1.3.24. Apache 1.x for Unix contains the same
> > > > source code, but X-Force believes that successful exploitation on most
> > > > Unix platforms is unlikely.
> >
> > So, if this is the vulnerability which you are talking
> > about, then the reporting group states that it is
> > probably not a problem on Unix (which would include SuSE
> > Linux).
>
> Well, in the Apache group's advisory, Mark J Cox stated it a
> little different and said the patch supplied by IIS wouldn't
> prevent it.


That is also what I have read. In either case, the flaw, if
viable for SuSE Linux distributed versions, still seems to
have the possibility of killing child instances. This means
forking() another eventually.
A possible denial of service is much better than the
alternative here though. Hope this is all there is to it.
