Bugtraq mailing list archives

Re: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server

From: Muhammad Faisal Rauf Danka <mfrd () attitudex com>
Date: Tue, 18 Jun 2002 21:35:36 -0700 (PDT)

This bug has already been mentioned on the public mailing list for Apache which is here = 
http://groups.yahoo.com/group/new-httpd/message/36545

as we can see it was on Date:  Tue May 28, 2002  5:22 pm.

and the bug is fixed in CVS for Apache 2.0
this advisory is rather in form of a uniformed and questionable advisory.
Surely ISS will get a lot of press for that. =)

oh and Apache 1.3.26 and 2.0.39 are released, These versions are both security and bug-fix releases. 
You can download them from:
http://www.apache.org/dist/httpd/



Regards, 
---------
Muhammad Faisal Rauf Danka

Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk

Vice President
Pakistan Computer Emergency Responce Team (PakCERT)
web: www.pakcert.org

Chief Security Analyst
Applied Technology Research Center (ATRC)
web: www.atrc.net.pk

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Promote your group and strengthen ties to your members with email () yourgroup org by Everyone.net  
http://www.everyone.net/?btn=tag

Current thread:

Re: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server Muhammad Faisal Rauf Danka (Jun 19)
- <Possible follow-ups>
- Fw: ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server Mark Litchfield (Jun 19)