> Not to mention that the server from which this product is being served > seems to be running outdated (and possibly even vulnerable) versions of > Apache and mod_php. Heck, rr-n1-tor.opensrs.net is even running old > versions of Apache and OpenSSL with known buffer overflows.
Note that all our services, even if "older/outdated", are not vulnerable and appropriate measures have been taken to ensure they are secure. rr-n1-tor is NOT running SSLv2, which is where the OpenSSL buffer overflow is exploitable - so there's no concern there. Charles Daminato OpenSRS Product Manager Tucows Inc. - [EMAIL PROTECTED]
