NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Vuln-Dev> 2002-q2

From: Jedi/Sector One (jpureftpd.org)
Date: Sun Jun 23 2002 - 02:15:00 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Further investigation show that the flaw is not in Apache itself, but in
mod_ssl, so it's probably not an OpenBSD-specific bug. It's just not
triggered on systems where mod_ssl isn't compiled in.

The overflow is the ssl_compat_directive() function in
src/modules/ssl/ssl_engine_compat.c .

-- 
 __  /*-      Frank DENIS (Jedi/Sector One) <j42-Networks.Com>     -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a>  \/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]