On 9/18/2011 10:37 PM, Rod Whitworth wrote: > What a pity that people don't do any searching b4 asking.... > > STFA for this list and (IIRC) find links to the PoC tool amongst other > info. > > > > On Mon, 19 Sep 2011 04:24:19 -0600, Shane Harbour wrote: > >> On 9/18/2011 9:42 PM, L. V. Lammert wrote: >>> On Sun, 18 Sep 2011, Amit Kulkarni wrote: >>> >>>> Recently there was a security issue with Apache. It was based on a >>>> perl script, search google. Maybe you are experiencing traffic and the >>>> realted problems because of that. >>>> >>> Is there any way to find out if the version in 4.3 was susceptable to the >>> attack? >>> >>> Lee >>> >> >> I believe the Apache Foundation released that Apache 1.3 is susceptable >> to this attack. However, with changes made by the devs, it's possible >> the version in OpenBSD may not be. >> >> If you have a spare box, you could always load it up and test it. I >> believe there is an Apache killer perl script floating on the 'net that >> you could use to test with. >> >> Shane >> > > *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. > Mail to the sender address that does not originate at the list server is > tarpitted. The reply-to: address is provided for those who feel compelled to > reply off list. Thankyou. > > Rod/ > --- > This life is not the real thing. > It is not even in Beta. > If it was, then OpenBSD would already have a man page for it. >
My apologies for generating noise and not remembering this had been previously discussed/answered. Next time I'll pay more attention and STFA :) Shane
