Apache Security Issue
RutRow 06-17-2002, 10:51 PM Read up...
http://httpd.apache.org/info/security_bulletin_20020617.txt
and
http://www.cert.org/advisories/CA-2002-17.html
Drewcifer 06-18-2002, 12:32 AM Yep, all you hosts out there using 64bit unix systems or windows boxes with apache better get a'patchin' :crap:
clocker1996 06-18-2002, 01:32 AM so we sit around and wait eh?
"Upgrade to the latest version
The Apache Software Foundation has released two new versions of Apache that correct this vulnerability. System administrators can prevent the vulnerability from being exploited by upgrading to Apache version 1.3.25 or 2.0.39. The new versions of Apache will be available from their web site at"
don't see a 1.3.25 yet =/
clocker1996 06-18-2002, 01:48 AM # httpd -v
Server version: Apache/1.3.24 (Unix)
Server built: May 15 2002 20:37:06
:( :( :( :( :(
Drewcifer 06-18-2002, 01:55 AM U run a 64 bit server?
clocker1996 06-18-2002, 08:41 AM no.
allan 06-18-2002, 08:49 AM The problem is that ISS did not follow standard procedure and reported the bug to the NIPC, instead of to the Apache Software Foundation.
Normally, when a bug like this is discovered it is reported to the vendor (ASF in this case), who has 30 days to issue a patch, before it is reported publicly.
Because ISS did not do this, the ASF now has to scramble to put together a patch...hence the reason no releases have been issued.
clocker1996 06-18-2002, 09:06 AM delete this post
Ahmad 06-18-2002, 01:08 PM too bad :rolleyes:
clocker1996 06-18-2002, 07:13 PM woot
http://www.apache.org/dist/httpd/apache_1.3.26.tar.gz
go get it fellas
for those that use 1.3.x anyway
clocker1996 06-18-2002, 07:17 PM i need mod ssl for 1.3.26
=/
Current Version: mod_ssl 2.8.8 for Apache 1.3.24
www.modssl.org
so i guess i gotta wait
unless someone has a better idea
bacid 06-18-2002, 07:23 PM just wait.. that's what im doing.
frozen 06-18-2002, 11:28 PM Originally posted by Drewcifer
U run a 64 bit server?
It does say it affects 32bit systems as well, just not in the same manner, and not quite as harshly
Drewcifer 06-18-2002, 11:57 PM Originally posted by frozen
It does say it affects 32bit systems as well, just not in the same manner, and not quite as harshly
Point taken, but it's hardly anything to worry about on a 32 bit *nix box. We can't have those skiddiots coming around terminating our child processes, dammit! lol
clocker1996 06-19-2002, 01:03 PM http://www.modssl.org/source/mod_ssl-2.8.9-1.3.26.tar.gz
:D
out
magnafix 06-20-2002, 10:23 PM Apache on x86 *nix is vulnerable to the remote shell exploit as well. Demonstration code to hack OpenBSD was released by GOBBLES this morning.
http://online.securityfocus.com/news/493
http://vnunet.com/News/1132795
This could be nasty.
clocker1996 06-20-2002, 10:36 PM definitely
glad i upgraded all my servers
:)
clocker1996 06-21-2002, 12:09 AM now?
lol
you should have upgraded yesterday!
or the day before
:P
magnafix 06-21-2002, 12:27 AM Hmm, how long before webhostingtalk.com is hacked or patched? :stickout
HTTP/1.1 200 OK
Date: Fri, 21 Jun 2002 04:25:48 GMT
Server: Apache/1.3.24 (Unix) PHP/4.1.2
X-Powered-By: PHP/4.1.2
clocker1996 06-21-2002, 12:46 AM yea...
latest php is 4.2.1
lol
and apache is 1.3.26
=/
clocker1996 06-21-2002, 12:50 AM check this out
rockstar:~# telnet cogentco.com 22
Trying 66.28.0.10...
Connected to cogentco.com.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.0.2p1
and
<HR>
Apache/1.3.14 Server at www.cogentco.com Port 80
Originally posted by clocker1996
check this out
rockstar:~# telnet cogentco.com 22
Trying 66.28.0.10...
Connected to cogentco.com.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.0.2p1
and
<HR>
Apache/1.3.14 Server at www.cogentco.com Port 80
lol apache 1.3.14 is soo old lol
Oh no, I heared it's not fixed properly in 1.3.26 :bawling:
clocker1996 06-21-2002, 08:14 AM heard*
and where did you hear this from?
don't believe everything you hear.
Originally posted by clocker1996
heard*
and where did you hear this from?
don't believe everything you hear.
securityfocus
allan 06-21-2002, 08:49 AM Originally posted by roly
securityfocus
Roly -- I think you are misinterpreting; unless I missed the link, the current bugs listed in bugtraq all refer to versions of Apache prior to 1.3.26 and 2.0.38:
http://online.securityfocus.com/archive/1
The only other Apache article I saw was the jerk who decided to release the exploit in a pre-compiled version for all of the script kiddies:
http://online.securityfocus.com/news/493
and
http://online.securityfocus.com/archive/1/277830
I'll keep my opinion of the buttwipes that run "Gobbles Security" to myself.
frozen 06-21-2002, 08:49 AM link please?