<snip>
>> Apache/1.3.20 Sun Cobalt (Unix) mod_jk mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.1.2
>> mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25
>> Are we back to OpenSSL/0.9.6b?
>> [root src]# openssl
>> OpenSSL> version
>> OpenSSL 0.9.6b 9 Jul 2001
>> OpenSSL> quit
</snip>

I've just done this to our RaQ4 here, and same as Gerald, openssl seems to be STILL on 0.9.6b (I hadn't applied previous patches, just done some blocking and prayed!)

Any ideas what's gone wrong here?

[root /root]# rpm -qi openssl
Name        : openssl                      Relocations: (not relocateable)
Version     : 0.9.6b                            Vendor: (none)
Release     : 8                             Build Date: Mon 25 Feb 2002 11:21:44 AM GMT
Install date: Mon 25 Feb 2002 03:34:20 PM GMT      Build Host: rev66.cobalt
Group       : System Environment/Libraries   Source RPM: openssl-0.9.6b-8.src.rpm
Size        : 3102671                          License: BSDish
URL         : http://www.openssl.org/
Summary     : The OpenSSL toolkit.
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

Notice the build dates? I'm guessing my RPM hasn't been updated for some reason :(

Mind you, I've just extracted the PKG, and found the RPMs in there are:

  apache-1.3.20-RaQ4_1C4stackguard.i386.rpm
  apache-admsrv-1.3.20-RaQ4_1C4stackguard.i386.rpm
  apache-devel-1.3.20-RaQ4_1C4stackguard.i386.rpm
  apache-mod_perl-1.3.20-RaQ4_1C4stackguard.i386.rpm
  apache-openssl-1.3.20-RaQ4_1C4stackguard.i386.rpm

Where's openssl ???

Anyone want to enlighten me as to what's just occurred? I'm presuming that my Apache has been patched... somehow... and is not vulnerable.

I also would like to know a DEFINITIVE way of testing for this vuln, because getting host headers isn't a reliable means from what I can tell (esp. when I've hidden those ages ago so they're set to Minimal)

Many thanks to anyone who can shed some light...

Regards,
Andy
[EMAIL PROTECTED]
http://www.raqpak.com/ <-- Raq/Qube unofficial PKGs and support advice

_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
