Too bad there aren't any updated/patched binaries for Apache on 64-bit Unix. I have looked everywhere for my SuSE Sparc64 system. Guess I have to compile it. Is there anything i need to know about compiling apache and getting mod_ssl and mod_php to work?
Dusty > Patching this is important on any system, but remember that on 32 bit > UNIX systems, it's only a DoS attack. So if you have your apache > limits tuned down like I do, limited damage should be possible (I only > allow like 5 children on my server...). However, if you're on Win32 > or a 64 bit UNIX platform (UltraSparc, IA-64, x86-64, Alpha, etc) make > sure you patch IMMEDIATELY as there is the possibility of running > arbitrary code as the user apache is running as. This alone is good > enough to get a worm going, and the worm will DoS 32bit systems as it > attempts to spread. > > --MonMotha > > Warren Togami wrote: >> Patch your Apache, and please spread the word to everyone you know >> that is running Apache. This applies to home systems too, even if you >> think your system is "not important". >> >> Red Hat Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-010-26-SC-RH-SV >> Mandrake Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-010-26-SC-MD-SV >> Debian Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-21-009-26-SC-DB-SV >> Trustix Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-016-26-SC-SV SOT >> Linux Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-20-015-26-SC-SV-SW >> SuSE Apache update >> http://linuxtoday.com/news_story.php3?ltsn=2002-06-19-023-26-SC-SV-SS >> >> http://www.idg.net/ic_877484_1794_9-10000.html >> Apache exploit circulating, users urged to patch >> >> If users have put off patching their Apache Web servers against the >> vulnerability discovered Monday, they should wait no longer, as an >> exploit to attack the security hole is now circulating on the >> Internet, according to Oliver Friedrichs, director of engineering at >> SecurityFocus Inc. >> >> The exploit -- a tool which makes attacking a vulnerability easier -- >> was posted to the Bugtraq security email list on Wednesday, Friedrichs >> said. >> >> The existence of an exploit "makes the possibility of a worm that >> targets these (systems) more likely," he said. >> (continued in article) >> >> _______________________________________________ >> LUAU mailing list >> [EMAIL PROTECTED] >> http://videl.ics.hawaii.edu/mailman/listinfo/luau >> > > > _______________________________________________ > LUAU mailing list > [EMAIL PROTECTED] > http://videl.ics.hawaii.edu/mailman/listinfo/luau
