[ILUG] Possible Security Vulnerabilities OpenSSL and Mod_SSL
Paul Jakma
paul at clubi.ie
Thu Sep 29 12:49:45 IST 2005
On Thu, 29 Sep 2005, cmulloy at iol.ie wrote:
> Hi there I was wondering if anyone can help me.
>
> Can anyone think of any more security configuration issues or
> vulnerabilities in the following?
>
> OpenSSL version 0.9.5 and Mod_SSL 2.6.6 running on Redhat
Wow. That must be RedHat historical edition.
> I personally think it could be one of the following issues, but again there
> could be more...
What like:
http://www.kb.cert.org/vuls/id/258555
or: http://www.kb.cert.org/vuls/id/935264
or any of the vulnerabilities listed:
http://www.kb.cert.org/vuls/byid?searchview
many of which will be remotely exploitable if you have SSL enabled on
a public service.
You mean like that?
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Fortune:
Of what you see in books, believe 75%. Of newspapers, believe 50%. And of
TV news, believe 25% -- make that 5% if the anchorman wears a blazer.
More information about the ILUG
mailing list