According to this we should all upgrade to a newer version of Apache:
http://www.apacheweek.com/issues/02-06-21

So, has anybody done it?

Cris Bailiff has posted a fix to the apache vulnerability on Security Focus.

http://online.securityfocus.com/archive/1/278281/2002-06-19/2002-06-25/0

A manual installation step-by-step can be found at
http://www.uk2raq.com/raqfaq/raqfaqshow.php?faq=116

An (unofficial!) cobalt package is avaible at
http://www.solarspeed.net/freebies/RaQ34-Blowchunks-Module-1.0.0-2.pkg

It's strongly adviseable to install the fix (admserv is running as root user!) until Sun/Cobalt will hopefully release an official update...

Thanks!

we updated last week as soon as they got the fix out.
Since someone decided to prove the threat was real and release a compiled ready to run version of the hack script into the wild, it is something all host should do pronto.

Monte

I tried both the package and the manual method to install it, but neither work.. The package seems to stop the admin GUI from working, while the manual method simply refuses to load the module

Manuall method worked fine for us

Are you on RaQ3 - i think apxs is broken there... so i guess neither the pkg nor the manuel method will succeed for you...

No. I'm using a RAQ4

http://camelbackup.com/raq3-apache-1.3.26.html

Originally posted by blacknight
I tried both the package and the manual method to install it, but neither work.. The package seems to stop the admin GUI from working, while the manual method simply refuses to load the module
IMPORTANT: There are two # Extra Modules sections - make sure you put the LoadModule bits under the Extra Modules that contain LoadModules, and the AddModules bits under the Extra Modules section that contains AddModules.

If you re-install, uninstall the .pkg first and then do the manual install at http://www.uk2raq.com/raqfaq/raqfaqshow.php?faq=116

Originally posted by roly
http://camelbackup.com/raq3-apache-1.3.26.html
However they say that it is untested on a RAQ4.

manual worked fine, tried it on two Raq3s.

Originally posted by roly
http://camelbackup.com/raq3-apache-1.3.26.html
Has anybody tried this on a RAQ4?

Originally posted by blacknight

Has anybody tried this on a RAQ4?

I wouldn't recommend it.

Have you tried my instructions in my previous message for the manual install which definitely works?

I was going to, but as I'm upgrading a lot of stuff on the server I thought it'd be a good idea to upgrade Apache rather than just patching it temporarily.
As the patch seems to be the only feasible solution at the moment I will probably go with that...

ftp://ftp.cobaltnet.com/pub/unsupported/raq3/rpms/
ftp://ftp.cobaltnet.com/pub/unsupported/raq4/rpms/
ftp://ftp.cobaltnet.com/pub/unsupported/raqxtr/rpms/
ftp://ftp.cobaltnet.com/pub/unsupported/raq550/rpms/

The RaQ3 dir does not seem to contain an admin fix.

[blacknight] These rpms are in the upgrade path.

F***; RaQ3 patch was fine... RaQ4 patch just ate Chilisoft ASP (or Sun ONE, as they call it now!) I think it was a bad ASP install in the first place, but I'm not taking any chances! (Removed old version and upgraded to 3.6.2)

I should have given up RaQs when I gave up smoking....(!)

There is now a supported RAQ4 fix at http://sunsolve.sun.com/patches/cobalt/raq4.eng.html

If you've installed the manual fix, you should remove mod_blowchunks by adding a # in front of the lines you added to /etc/httpd/conf/httpd.conf and /etc/admserv/conf/httpd.conf and restart both servers.

Wouldn't you wish Cobalt/Sun updated Apache for the Raq3 to the latest version while they're at it.

Don't be silly! That would be far too intelligent..
If you look at the updates from Cobalt over the last few months 9 times out of 10 they are always a step behind. The only way to really keep up to date is to either use the .pkgs from other non-Cobalt sites or by doing manual installs of everything.

I don't have that much linux experience and I fear that manually installing a non-cobalt package, especially one as big as the Apache server itself, would cost me $50/hour in repair mere minutes later.

A lot of the minor upgrades aren't that difficult believe me.
Anything that is heavily integrated into the RAQ's rather 'particular' system (eg. Perl) is a lot more difficult, as a screwup can mean loss of functionality.

One would think that Apache ties quite deeply into the RAQ's 'particular' system ;)

I installed the Apache update on my Raq4i and it blew up everything. I could not hit the admin GUI, none of my hosted sites would show up, and I was really sweating Bullets!! If you go to suns KB and do a search on the apache, you will see, that if you have upgraded to the newest Chilisoft! it will blow up. If you just leave the stock chilisoft! and update the apache, then the chilisoft! it should work fine. Hope that helps someone.

Originally posted by roly
http://camelbackup.com/raq3-apache-1.3.26.html

I have a Cobalt Raq3 with all the latest patches installed and with PHP 4.2.2 compiled from source. Everything works great! But I wanted to switch from the old Apache 1.3.6 away to the new 1.3.26 so I tried to do the upgrade.

I followed the Camelbackup (see above) step by step instructions, and everything seemed to work just fine. After stopping the original 'httpd' (Apache 1.3.6) and starting the new one (Apache 1.3.26) the previously working PHP 4.2.2 just stopped working! When I acces a .php file through the web browser on my server, Apache doesn't log any errors into the error log file, it logs 200 (OK) into its access log - so far so good. But NONE of the PHP scripts work anymore on the server! They simply return a totally blank page to the web browser. Even as simple PHP scripts as <? phpinfo() ?> don't work anymore!! What could be causing this? The php4lib.so modul IS loaded by the new Apache daemon, with no error messages displayed whatsoever. The scripts just simply don't run anymore! When I switch back to the original 'httpd' daemno, PHP 4 works again!

Does anyone have seen this problem before? Do you guys think that re-builing PHP 4.2.2 from source (with the new Apache 1.3.26 running on the server) would fix this problem? Does PHP checks the Apache version when you build it? Is it possible that php4lib.so that works perfectly with Apache 1.3.6 needs to be re-compiled/re-bulit for Apache 1.3.26 to work at all?

Any suggestions would be highly appreciated!

Zoltan

Zoltan...

If you complied PHP with the original apache I would rebuild it with the new version. Make sure your path to the apxs is where your new version is.

Originally posted by blazeman
Zoltan...

If you complied PHP with the original apache I would rebuild it with the new version. Make sure your path to the apxs is where your new version is.

I tried everything, still no success. Apache 1.3.26 works fine on my the Raq3, but I cannot make PHP 4.2.2 work with it no matter how hard I try... I recompiled PHP several times using the new apxs, but I get to a point where I can't even do a 'make install' for PHP... When I swicth back to the original Apache 1.3.6 (and to the original apxs file) PHP 4 starts to work again. This is kind of odd. If anyone could help please email me at zoltan@frombach.com

Thanks,

Zoltan

Why can't you do a make install? If there is an error there it could lead to your problem...