Thomas I copied the openssl dlls from http://www.slproweb.com/products/Win32OpenSSL.html and replaced the OpenSSL dll's, I also replaced the OpenSSL.exe, I get the correct version when I use a command prompt and do a openssl version and my website is still functioning :-) however the Header information still shows the old version ie Server: OpenSA/1.0.4 / Apache/1.3.27 (Win32) mod_ssl/2.8.11 OpenSSL/0.9.6g PHP/4.2.2 :-(
Is there anything that can be done to change this header information? Regards Mike Hart On Fri, 05 Nov 2004 17:08:39 -0500, Thomas J. Hruska <[EMAIL PROTECTED]> wrote: > At 08:33 AM 11/5/2004 +0000, Mike Hart writeth: > > > >Hello > > > >I have OpenSA 1.0.4 Installed on a Windows 2000 Server, there is a > >Denial of Service vulnerability with the OpenSSL 0.9.6g portion of > >this installation that requires OpenSSL to be upgraded to OpenSSL > >0.9.7d or 0.9.6m. There seems to be no further upgrades available for > >OpenSA that include updated OpenSSL. My question is - is there a > >simple way to upgrade the OpenSSL Component of OpenSA with version > >0.9.7e. > > > >Any advice would be appreciated. > > > >Regards > > > >Mike Hart > > Hello Mike, > > If it is dynamically linked, you could try deleting the OpenSSL DLLs from > the OpenSA directory and then use: > > http://www.slproweb.com/products/Win32OpenSSL.html > > If it is statically linked, you are out of luck. Try contacting OpenSA. > > Thomas J. Hruska > [EMAIL PROTECTED] > > Shining Light Productions > Home of the Nuclear Vision scripting language and ProtoNova web server. > http://www.slproweb.com/ > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > -- Mike Hart 118 Castle Dawson Rathcoffey Road Maynooth Co. Kildare ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
