httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff White" <jlw...@earthlink.net>
Subject Re: [users@httpd] Proxy garbles "special" characters
Date Tue, 07 Oct 2003 18:03:55 GMT

From: "Leif W"

>
> HTTP/1.1 200 OK
> Date: Mon, 06 Oct 2003 14:18:22 GMT
> Server: Apache/2.0.47 (Unix) mod_ssl/2.0.47 
> OpenSSL/0.9.7b 

<quote>

An open-source group that maintains software 
for securing communications released a patch 
on Tuesday to fix several vulnerabilities that 
were found during a security test by the U.K. 
government. 

The security flaws exist in the OpenSSL Project's 
version of the secure sockets layer (SSL) software 
used by Web sites and browsers to cryptographically 
secure data. Two of the flaws could lead to a 
denial-of-service attack, and a third may allow an 
attacker to break into a system from the Internet. 

Snip

Not to be confused with the OpenSSH project--SSH 
stands for secure shell--which has patched its software 
twice in the last month, the OpenSSL Project develops
and maintains an open-source version of SSL software. 
A year ago, the Slapper worm infected Linux computers
that hadn't been patched to fix a different hole in the same 
software. 

</quote>

Open-source group plugs three holes
http://zdnet.com.com/2100-1105_2-5085327.html?tag=zdfd.newsfeed

OpenSSL Flaws Loom Over Internet Security
http://www.securityfocus.com/news/7103 

<quote>

October 2, 2003

There are multiple vulnerabilities in
different implementations of the
Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols.

OpenSSL versions prior to 0.9.7c and 0.9.6k

CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations
http://www.cert.org/advisories/CA-2003-26.html

</quote>

Jeff



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message