What a pity that people don't do any searching b4 asking.... STFA for this list and (IIRC) find links to the PoC tool amongst other info.
On Mon, 19 Sep 2011 04:24:19 -0600, Shane Harbour wrote: >On 9/18/2011 9:42 PM, L. V. Lammert wrote: >> On Sun, 18 Sep 2011, Amit Kulkarni wrote: >> >>> Recently there was a security issue with Apache. It was based on a >>> perl script, search google. Maybe you are experiencing traffic and the >>> realted problems because of that. >>> >> Is there any way to find out if the version in 4.3 was susceptable to the >> attack? >> >> Lee >> > >I believe the Apache Foundation released that Apache 1.3 is susceptable >to this attack. However, with changes made by the devs, it's possible >the version in OpenBSD may not be. > >If you have a spare box, you could always load it up and test it. I >believe there is an Apache killer perl script floating on the 'net that >you could use to test with. > >Shane > *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
