|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: H D Moore (sflist
digitaloffense.net)Date: Wed Jun 26 2002 - 21:46:12 CDT
Just to confirm, the bug exists in 2.8.9 and earlier? The first part of the
advisory mentions 2.4.9, so a casual reader may assume they are unaffected if
they don't read all the way to the bottom...
On Monday 24 June 2002 15:47, Jedi/Sector One wrote:
> Product: mod_ssl - http://www.modssl.org/
> Date: 06/24/2002
> Summary: Off-by-one in mod_ssl 2.4.9 and earlier
[ snip ]
> The mod_ssl development team was very reactive and a new version has just
> been released. mod_ssl 2.8.10 addresses the vulnerability and it is
> freely available from http://www.modssl.org/ . Upgrading from an earlier
> release is painless.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]