Re: Systems compromised with ShellBOT perl script - part 2
From: Dave (djm_at_mcoe.k12.ca.us)
Date: 10/20/04
- Previous message: Poof: "RE: Systems compromised with ShellBOT perl script - part 2"
- Maybe in reply to: Meder Kydyraliev: "Re: Systems compromised with ShellBOT perl script - part 2"
- Next in thread: Chris Norton: "Re: Systems compromised with ShellBOT perl script - part 2"
- Reply: Chris Norton: "Re: Systems compromised with ShellBOT perl script - part 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <incidents@securityfocus.com>
Date: Wed, 20 Oct 2004 09:30:43 -0700
This is from the httpd-2.0.46-40.ent change log. You'll note that most of
these can be considered exploitable hacks, and each and every one of them
applies to your current install of 32.ent:
- mod_dav_fs: security fix for indirect lock refresh (CAN-2004-0809)
- mod_dav_fs: fix indirect lock handling on 64-bit platforms
- add security fixes for CAN-2004-0747, CAN-2004-0786
- mod_ssl: add security fix for CAN-2004-0751
- split security fix for CAN-2004-0748 out from -sslio patch
- merge ap_rgetline_core NUL-termination fixes from 2.0.5[01]
- have -devel require httpd of same V-R
- drop suexec minimum acceptable gid to 100 (#127667)
- mod_ssl: security fix for overflow in FakeBasicAuth (CVE CAN-2004-0488)
Those are just httpd, leaving out the kernel and php hack fixes.
If you don't have it set automatically, you need to have up2date download and
update manually once per day. Judging by your current packages, you haven't
updated since March... This is not a good thing :(
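
Added example, not part of the original message: a shell check that reads an RPM changelog and lists which of the CAN identifiers quoted above are not mentioned in it. The function name `missing_fixes` and the sample changelog are constructed for illustration; the identifiers come from the changelog excerpt in the message.

```shell
#!/bin/sh
# CAN identifiers taken from the changelog excerpt quoted in the message.
REQUIRED_FIXES="CAN-2004-0809 CAN-2004-0747 CAN-2004-0786 CAN-2004-0751 CAN-2004-0748 CAN-2004-0488"

# Read RPM changelog text on stdin and print every required identifier
# that the changelog does not mention (one per line, nothing if all present).
missing_fixes() {
    changelog=$(cat)
    for id in $REQUIRED_FIXES; do
        # -F: fixed string; -w: whole word, so a longer ID does not count as a hit
        printf '%s\n' "$changelog" | grep -qwF -- "$id" || printf '%s\n' "$id"
    done
}

# Constructed sample: changelog of a hypothetical older build that carries
# only one of the listed fixes.
SAMPLE_OLD_CHANGELOG='* Mon Mar 01 2004 Packager <packager@example.com>
- mod_ssl: security fix for overflow in FakeBasicAuth (CVE CAN-2004-0488)
- earlier non-security change'

# On a live RPM-based host, feed the installed package changelog instead:
#   rpm -q --changelog httpd | missing_fixes
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_OLD_CHANGELOG" | missing_fixes
fi
```

Any identifier it prints is a fix the installed build's changelog does not record, which is a prompt to update the package.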