Return-Path: X-Original-To: apmail-httpd-users-de-archive@www.apache.org Delivered-To: apmail-httpd-users-de-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0C34A92D1 for ; Thu, 21 Jun 2012 15:22:19 +0000 (UTC) Received: (qmail 60531 invoked by uid 500); 21 Jun 2012 15:22:18 -0000 Delivered-To: apmail-httpd-users-de-archive@httpd.apache.org Received: (qmail 60506 invoked by uid 500); 21 Jun 2012 15:22:18 -0000 Mailing-List: contact users-de-help@httpd.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: users-de@httpd.apache.org List-Id: Delivered-To: mailing list users-de@httpd.apache.org Received: (qmail 60498 invoked by uid 99); 21 Jun 2012 15:22:18 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Jun 2012 15:22:18 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jblond@gmail.com designates 209.85.214.173 as permitted sender) Received: from [209.85.214.173] (HELO mail-ob0-f173.google.com) (209.85.214.173) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Jun 2012 15:22:14 +0000 Received: by obbta14 with SMTP id ta14so1563996obb.18 for ; Thu, 21 Jun 2012 08:21:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=CG294AtWPcHBn2ZSxLu6ypdsX3iV5/PrZPm+6igsg7I=; b=Cc5enKrLFf7wEAhig0lg/blGlLhr5OXI8QFuqwOOnMv5OU+fOWRgH83dtklWDEjbXV uJacGGRC3AnuPBtrEWcpD9E28a8CCQH9Lc5ADwDG0XqYjse+MyllRwjrzxwrEIUCjQEv IuCOK6uBuNKuC7RXg9PUz2I1jsGLpy52OrgJ0/qtjl+eR9Effrt39451cqluuAj74V1m 28ufxrw8u3TiH3VXiHGhiC219Mp7c2+LvHBRJEJ5t+ip2RZbl5Ic6OV0B0v50U6N6Tec RbvcksGx7Q/jQIU/1N3uSA2dF9bfyus9Jc9bfOKzpGOX/PyjodNLdxbYAIqb4gezsbx+ hfvw== MIME-Version: 1.0 Received: by 10.182.47.105 with SMTP id c9mr28808780obn.49.1340292113802; Thu, 21 Jun 2012 08:21:53 -0700 (PDT) Received: by 10.182.45.133 with HTTP; Thu, 21 Jun 2012 08:21:53 -0700 (PDT) In-Reply-To: <4FE30D36.5010208@thelounge.net> References: <4FE30D36.5010208@thelounge.net> Date: Thu, 21 Jun 2012 17:21:53 +0200 Message-ID: Subject: Re: CVE-2011-3389 From: Mario Brandt To: users-de@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org Moin Reindl, das ist ja nicht ganz neu. http://mariobrandt.de/archives/technik/secure-apache-against-cve-2011-3389-= aka-beast-attack-354/ Gru=DF Mario 2012/6/21 Reindl Harald : > Hi > > Und wieder mal ein Security-Audit der zum Ergebnis > "Massnahmen erforderlich" kommt > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2011-3389 > > Jemand eine Ahnung wo man da schraubt damit Nessus die Fresse > h=E4lt, ja mich nerven solche Microsoft-Berichte auf einer > Linux-Kiste gewaltig von Dienstleistern von Kunden die auf > Port 443 eigentlich gar nichts zu suchen haben weil nicht > relevant, aber seis drum --------------------------------------------------------------------- To unsubscribe, e-mail: users-de-unsubscribe@httpd.apache.org For additional commands, e-mail: users-de-help@httpd.apache.org