Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hacker on my system (??)

Status
Not open for further replies.
clarissa1996

clarissa1996

Technical User
Jan 31, 2002
78
CH
Hi all,

I have installed a firewall (at this moment for test purpose only) and a DMZ where I have a On all PCs I have SuSE linux installed.

Today I have experienced problems on the system where I have my The CPU activity was 98%.

A program whit the name ./t was in execution and in my /tmp directory 3 new source programs (and executables) are saved: e.c, t.c and p.c.

Is seems that this programs are called "exploits". This is new for my !!!!

I attach what I have found in my firewall log (see below). It seems me that my host (192.1.21.99) is trying to contact on source port 443 an external host (I have replaced the IP Address of this external host with "xxx.xxx.xx.xxx").

I attach the http/error.log too (see below).

Can someone tell me what's appens on my PC ?
Should I reinstall all ?
What is the possible risks ?

Best Regards. Clarissa

=====================================================

Here is the beginning of the sources (e.c, t.c and p.c):

/*
* Linux kernel mremap() bound checking bug exploit.
*
* Bug found by Paul Starzetz <paul isec pl>
*
* Copyright (c) 2004 iSEC Security Research. All Rights Reserved.
*
* THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY* IT IS PROVIDED &quot;AS IS&quot;
* AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATION
* WITHOUT PERMISSION OF THE AUTHOR IS STRICTLY PROHIBITED.
*/

/* lame, oversophisticated local root exploit for kmod/ptrace bug in linux
* 2.2 and 2.4
*
* have fun
*/

/*
* Linux kernel ptrace/kmod local root exploit
*
* This code exploits a race condition in kernel/kmod.c, which creates
* kernel thread in insecure manner. This bug allows to ptrace cloned
* process, allowing to take control over privileged modprobe binary.
*
* Should work under all current 2.2.x and 2.4.x kernels.
*
* I discovered this stupid bug independently on January 25, 2003, that
* is (almost) two month before it was fixed and published by Red Hat
* and others.
*
* Wojciech Purczynski <cliph@isec.pl>
*
* THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY*
* IT IS PROVIDED &quot;AS IS&quot; AND WITHOUT ANY WARRANTY
*
* (c) 2003 Copyright by iSEC Security Research
*/

============================================================

Here is the firewall log:

Feb 1 19:29:48 linux kernel: dmz-bad IN=eth0 OUT=eth1 SRC=192.1.21.99 DST=xxx.x
xx.xx.xxx LEN=93 TOS=0x00 PREC=0x00 TTL=63 ID=20324 DF PROTO=TCP SPT=443 DPT=606
54 WINDOW=7504 RES=0x00 ACK PSH URGP=0
Feb 1 19:31:46 linux kernel: dmz-bad IN=eth0 OUT=eth1 SRC=192.1.21.99 DST=xxx.x
xx.xx.xxx LEN=93 TOS=0x00 PREC=0x00 TTL=63 ID=20325 DF PROTO=TCP SPT=443 DPT=606
54 WINDOW=7504 RES=0x00 ACK PSH URGP=0
Feb 1 19:33:46 linux kernel: dmz-bad IN=eth0 OUT=eth1 SRC=192.1.21.99 DST=xxx.xxx.xx.xxx LEN=93 TOS=0x00 PREC=0x00 TTL=63 ID=20326 DF PROTO=TCP SPT=443 DPT=606
54 WINDOW=7504 RES=0x00 ACK PSH URGP=0
Feb 1 19:35:45 linux kernel: dmz-bad IN=eth0 OUT=eth1 SRC=192.1.21.99 DST=xxx.xxx.xx.xxx LEN=93 TOS=0x00 PREC=0x00 TTL=63 ID=20327 DF PROTO=TCP SPT=443 DPT=606
54 WINDOW=7504 RES=0x00 ACK PSH URGP=0

============================================================

Here is the http/error.log:

[Sun Feb 1 19:24:17 2004] [error] mod_ssl: SSL handshake failed (server new.hos
t.name:443, client xxx.xxx.xx.xxx) (OpenSSL library error follows)
[Sun Feb 1 19:24:17 2004] [error] OpenSSL: error:0406506C:rsa routines:RSA_EAY_
PRIVATE_DECRYPT:data greater than mod len
[Sun Feb 1 19:24:17 2004] [error] OpenSSL: error:140BB004:SSL routines:SSL_RSA_
PRIVATE_DECRYPT:nested asn1 error
[Sun Feb 1 19:24:17 2004] [error] OpenSSL: error:1406B0CE:SSL routines:GET_CLIE
NT_MASTER_KEY:problems mapping cipher functions
[Sun Feb 1 19:25:24 2004] [error] mod_ssl: SSL handshake failed (server new.hos
t.name:443, client xx.xxx.xx.xxx) (OpenSSL library error follows)
[Sun Feb 1 19:25:24 2004] [error] OpenSSL: error:0406506C:rsa routines:RSA_EAY_
PRIVATE_DECRYPT:data greater than mod len
[Sun Feb 1 19:25:24 2004] [error] OpenSSL: error:140BB004:SSL routines:SSL_RSA_
PRIVATE_DECRYPT:nested asn1 error
[Sun Feb 1 19:25:24 2004] [error] OpenSSL: error:1406B0CE:SSL routines:GET_CLIE
NT_MASTER_KEY:problems mapping cipher functions
 
Sort by date Sort by votes
> Can someone tell me what's appens on my PC ?
It has been compromised - someone is running an exploit on your machine.
As far as I know, it ultimately allows some remote person full control over your machine.

At the very least, the 98% of CPU time is a Denial Of Service attack, since it is absorbing CPU time which you should have access to. This is illegal in some locations.

I think the first thing I would do would be to use say ethereal ( (may already be installed on your linux boxes), and gather some message traffic to the xxx.xxx.xxx.xxx host.

Then try
Code: 
/usr/sbin/traceroute xxx.xxx.xxx.xxx
Contact some of the intermediate domains to verify that the traffic is coming from where you suspect it is. Hopefully, the immediate node before the xxx.xxx.xxx.xxx will be their ISP.

> Should I reinstall all ?
Probably not a bad idea. You don't know what else they may have managed to tamper with.
You certainly need to visit the SuSE website to obtain the relevant patches.

First thing to do is at your firewall block all access (of any kind) from the offending address (but that may tip them off that you've discovered what they're up to).

> What is the possible risks ?
All the possible illegal things which someone could do with your machine.
- Damaging your website
- Harvesting customer information
- Sending spam so that it appears to come from you.

--
 
Upvote 0 Downvote
What version of apache were you running on those things? is the apache up to date on those machines?

_____________________________
when someone asks for your username and password, and much *clickely clickely* is happening in the background, know enough that you should be worried.
 
Upvote 0 Downvote
This is the version:

Server version: Apache/1.3.23 (Unix)

could be a problem ?

Thanks a lot for all your help. Clarissa
 
Upvote 0 Downvote
TECHNICAL OVERVIEW

Two vulnerabilities have been discovered in the Apache Web Server that may cause sensitive file disclosure to the extent that further attacks can be launched against the server.

Apache Web Server MIME Boundary Information Disclosure Vulnerability
MIME is short for Multipurpose Internet Mail Extensions, is a specification for formatting Non-html messages over the Internet. Apache Web Server uses the getpid() ('get the process id') function. The getpid() function returns the process ID (PID) of the calling process, is always successful, and no return value is reserved to indicate an error. The getpid() function is used when constructing MIME message boundaries. A remote attacker can use getpid(), triggering the Apache Server to send a response revealing a MIME Boundary. This will effectively disclose the Apache child process identification (PID) to a remote attacker.

Apache Web Server ETag Header Information Disclosure Vulnerability
The entity tag (ETag) value is used in cache management to save network bandwidth. A cache management feature is an option on Apache Server that makes use of an entity tag (ETag) header. When the cache management feature is enabled and a request is made for a document relating to a file, an ETag response header is returned containing various file attributes. With ETag information, further requests for files that contain specific information can be obtained. This includes such information as the file's inode number, which allows for faster lookup times. A vulnerability has been found in the generation of ETag headers under certain configurations implementing the FileETag command. Among the file attributes included in the header is the file inode number that is returned to a client. This poses a security risk, as this information may aid in launching attacks against other network-based services. The uses of inodes in Etag headers is inherent in Apache versions 1.3.22 and earlier. In order to circumvent this vulnerability OpenBSD (makers of Apache) have solved this problem by encoding the inode numbers.

VULNERABLE SYSTEMS

Caldera Linux
Caldera OpenLinux Server 3.1.1
Apache Software Foundation Apache 1.3.22
Caldera OpenLinux Server 3.1
Apache Software Foundation Apache 1.3.22
Caldera OpenLinux Workstation 3.1.1
Apache Software Foundation Apache 1.3.22
Caldera OpenLinux Workstation 3.1
Apache Software Foundation Apache 1.3.22

Connectiva Linux
Conectiva Linux 8.0
Apache Software Foundation Apache 1.3.22
Conectiva Linux 7.0
Apache Software Foundation Apache 1.3.22
Conectiva Linux 6.0
Apache Software Foundation Apache 1.3.22
Conectiva Linux 8.0
Apache Software Foundation Apache 1.3.26
Conectiva Linux 7.0
Apache Software Foundation Apache 1.3.26
Conectiva Linux 6.0
Apache Software Foundation Apache 1.3.26

OpenBSD
OpenBSD OpenBSD 3.1
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
OpenBSD OpenBSD 3.2
Apache Software Foundation Apache 1.3.22

OpenPKG
OpenPKG OpenPKG 1.0
Apache Software Foundation Apache 1.3.22
OpenPKG OpenPKG 1.1
Apache Software Foundation Apache 1.3.26

Oracle
Oracle Oracle 9i Application Server 9.0.2
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
Oracle Oracle 9i Application Server 1.0.2.2
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
Oracle Oracle 9i Application Server 1.0.2.1s
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
Oracle Oracle 9i Application Server 1.0.2
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
Oracle Oracle HTTP Server 9.2.0
Apache Software Foundation Apache 1.3.25
Oracle Oracle HTTP Server 9.0.1
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24

MandrakeSoft Linux
MandrakeSoft Corporate Server 1.0.1
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 8.1 ia64
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 8.1
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 8.0 ppc
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 8.0
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 7.2
Apache Software Foundation Apache 1.3.22
MandrakeSoft Linux Mandrake 8.2 ppc
Apache Software Foundation Apache 1.3.23
MandrakeSoft Linux Mandrake 8.2
Apache Software Foundation Apache 1.3.23
MandrakeSoft Linux Mandrake 9.0
Apache Software Foundation Apache 1.3.26

RedHat Linux
RedHat Linux 7.2 ia64
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.2 i386
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.1 ia64
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.1 i386
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.1 alpha
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.0 i386
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.0 alpha
Apache Software Foundation Apache 1.3.22
RedHat Linux 6.2 sparc
Apache Software Foundation Apache 1.3.22
RedHat Linux 6.2 i386
Apache Software Foundation Apache 1.3.22
RedHat Linux 6.2 alpha
Apache Software Foundation Apache 1.3.22
RedHat Linux 7.3 i386
Apache Software Foundation Apache 1.3.23
RedHat Linux 7.3
Apache Software Foundation Apache 1.3.23

SGI IRIX
SGI IRIX 6.5.19
Apache Software Foundation Apache 1.3.27

Slackware Linux
Slackware Linux 8.1
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24

Sun Solaris
Sun Solaris 9.0
Apache Software Foundation Apache 1.3.22
Sun Solaris 8.0_x86
Apache Software Foundation Apache 1.3.22
Sun Solaris 8.0
Apache Software Foundation Apache 1.3.22

S.u.S.E Linux
S.u.S.E. Linux 8.0i386
Apache Software Foundation Apache 1.3.23
S.u.S.E. Linux 8.0
Apache Software Foundation Apache 1.3.23

Trustix Secure Linux
Trustix Secure Linux 1.5
Apache Software Foundation Apache 1.3.26
Apache Software Foundation Apache 1.3.23
Trustix Secure Linux 1.2
Apache Software Foundation Apache 1.3.26
Apache Software Foundation Apache 1.3.23
Trustix Secure Linux 1.1
Apache Software Foundation Apache 1.3.26
Apache Software Foundation Apache 1.3.23

Unisphere Networks
Unisphere Networks SDX-300 2.0.3
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24

RECOMMENDED COUNTERMEASURES

Install the following patch:

OpenBSD:
Apply patch at the following location:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/008_httpd.patch

Workaround:
Disable any unnecessary default services. Unless explicitly required, disable the use of the FileETag directive. If the use of FileETAG is required, configure Apache to not return inode information within ETag response headers. Block external access at the network boundary, unless service is required by external parties. Filter traffic to TCP port 80 to avoid unwanted connections to the Apache web server. This may reduce attempts to exploit this and other latent vulnerabilities.

[Blue]Blue[/Blue] [Dragon]

If I wasn't Blue, I would just be a Dragon...
 
Upvote 0 Downvote
Another one:

TECHNICAL OVERVIEW: Apache Software Foundation has posted upgrades to its vulnerable series of products that fix the chunk encoding vulnerability. Some vendors that support the Apache Web Server have provided patches to correct this vulnerability. The system administrator must decide whether to upgrade the Web Server or apply the vendor specific patch.

This vulnerability affects Apache Code versions 1.2.2 through 1.3.24 and code versions 2.0 through 2.0.36. Thus, the impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on.

Overall, there is a bug in the way the Apache web server handles HTTP requests that use &quot;chunked mode&quot;. Chunked mode is a HTTP 1.1 feature that allows a client to send data as a sequence of chunks rather than en bloc. This is useful if it doesn't know the overall length of the content at the time it starts transmitting. This bug can be triggered remotely by sending a carefully crafted invalid request. Further, this functionality is enabled by default.

For Apache Code versions 1.2.2 through 1.3.24, previous versions of Apache did not properly detect incorrectly encoded chunks, causing a buffer overflow on the stack. In most cases on 32-bit architectures, this should cause a segmentation violation and cause the child process to terminate. However, on some 32bit and all 64bit UNIX architectures, it may be possible for an attacker to a exploit the buffer overflow to execute arbitrary code with the privileges of the httpd process but this depends principally on the operating system platform due to variation in how the respective stacks operate. We have been made aware that Apache 1.3 on Windows (Win32) is exploitable in a similar way as well. Successful exploitation of this vulnerability can lead to the execution of arbitrary code on the server with the permissions of the web server child process. This can facilitate the further exploitation of vulnerabilities unrelated to Apache on the local system, potentially allowing the intruder root access.

In Apache 2.0 the error condition is correctly detected, so it will not allow an attacker to execute arbitrary code on the server. However platforms could be using a multithreaded model of multiple concurrent requests per child process (although the default preference remains multiple processes with a single thread and request per process, and most multithreaded models continue to create multiple child processes). Using any multithreaded model, all concurrent requests currently served by the affected child process will be lost. Dependent on a variety of factors, including the threading modal supported by the vulnerable system, this may lead to a Denial-of-Service attack against the Apache Web Server.

VULNERABLE SYSTEMS: Vulnerable systems are listed below. Links to vendor advisories are provided below when available.

Apache Software Foundation

Apache has released a security bulletin that can be viewed at


Additionally, an update to the initial bulletin above can be viewed at


Caldera

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt

Covalent


The following Covalent products are vulnerable:

Enterprise Ready Server (ERS)
Fast Start Server
Managed Server


EnGarde

Guardian Digital ships Apache in all version of EnGarde Secure Linux. This issue was addressed in ESA-20020619-014 which may be found at:


Mandrake (Linux)



OpenBSD

RedHat (Linux)


SGI

The Apache web server is supplied with IRIX by default, and is enabled through &quot;chkconfig&quot; by default. The following versions of IRIX are vulnerable:

IRIX 6.5.12
IRIX 6.5.13 sgi_apache 1.3.26
IRIX 6.5.14 sgi_apache 1.3.26
IRIX 6.5.15 sgi_apache 1.3.26
IRIX 6.5.16 sgi_apache 1.3.26

Trustix



REQUIRED COMPLIANCE ACTIONS: Apply the appropriate patch or upgrade. Patch links are provided below where available. For users with support agreements, some patch sites may require user login.

Note:
For systems using the Apache Web Server stand alone version, apply the patch from the Apache Software Foundation.
For systems using Apache variants bundled with a particular vendor Operating System, system administrators must apply the vendor specific patches and/or upgrades.

Do not install the patch provided by ISS. The ISS patch only addresses some of the vulnerabilities and does not fix the problem in its entirety.

Apache Software Foundation

Users of Apache 1.2.2 to 1.3.24 upgrade to 1.3.26
Users of Apache 2.0 to 2.0.36 upgrade to 2.0.39

The new versions of the Apache software are available from:

Caldera

ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS


Covalent

Covalent Enterprise Ready Server version 2.1.1 (Apache 2.0.36)

Covalent Fast Start Server version 2.0 (Apache 1.3.12)

Covalent Fast Start Server version 2.1 (Apache 1.3.20)

Covalent Fast Start Server version 3.1.1 (Apache 2.0.36)

Covalent Managed Server version 1.0 (Apache 1.3.12)

Covalent Secure Server version 1.0 (Apache 1.3.12)

Covalent SSL version 1.5.x (Apache 1.3.12)

Covalent SSL version 1.6 (Apache 1.3.20


EnGarde

EnGarde Community users should upgrade to the most recent version as outlined in the advisory at
Updates can be obtained from the following:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/

Note:
Users of the EnGarde Professional edition can use the Guardian Digital Secure Network to update their systems automatically.

Mandrake (Linux)


Note:
Users of the Mandrake can use MandrakeUpdate to update their systems automatically.


OpenBSD

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/005_httpd.patch


RedHat (Linux)

Red Hat Linux 6.2 Alpha
ftp://updates.redhat.com/6.2/en/os/alpha/apache-1.3.22-5.6.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/apache-devel-1.3.22-5.6.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/apache-manual-1.3.22-5.6.alpha.rpm

Red Hat Linux 6.2 Sparc
ftp://updates.redhat.com/6.2/en/os/sparc/apache-1.3.22-5.6.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/apache-devel-1.3.22-5.6.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/apache-manual-1.3.22-5.6.sparc.rpm

Red Hat Linux 6.2 i386
ftp://updates.redhat.com/6.2/en/os/i386/apache-1.3.22-5.6.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/apache-devel-1.3.22-5.6.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/apache-manual-1.3.22-5.6.i386.rpm

Red Hat Linux 7.0 Alpha
ftp://updates.redhat.com/7.0/en/os/alpha/apache-1.3.22-5.7.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/apache-devel-1.3.22-5.7.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/apache-manual-1.3.22-5.7.1.alpha.rpm

Red Hat Linux 7.0 i386
ftp://updates.redhat.com/7.0/en/os/i386/apache-1.3.22-5.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/apache-devel-1.3.22-5.7.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/apache-manual-1.3.22-5.7.1.i386.rpm

Red Hat Linux 7.1 Alpha
ftp://updates.redhat.com/7.1/en/os/alpha/apache-1.3.22-5.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/apache-devel-1.3.22-5.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/apache-manual-1.3.22-5.7.1.alpha.rpm

Red Hat Linux 7.1 i386
ftp://updates.redhat.com/7.1/en/os/i386/apache-1.3.22-5.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/apache-devel-1.3.22-5.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/apache-manual-1.3.22-5.7.1.i386.rpm

Red Hat Linux 7.1 ia64
ftp://updates.redhat.com/7.1/en/os/ia64/apache-1.3.22-5.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/apache-devel-1.3.22-5.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/apache-manual-1.3.22-5.7.1.ia64.rpm

Red Hat Linux 7.2 i386
ftp://updates.redhat.com/7.2/en/os/i386/apache-1.3.22-6.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/apache-devel-1.3.22-6.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/apache-manual-1.3.22-6.i386.rpm

Red Hat Linux 7.2 ia64
ftp://updates.redhat.com/7.2/en/os/ia64/apache-1.3.22-6.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/apache-devel-1.3.22-6.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/apache-manual-1.3.22-6.ia64.rpm

Red Hat Linux 7.3 i386
ftp://updates.redhat.com/7.3/en/os/i386/apache-1.3.23-14.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/apache-devel-1.3.23-14.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/apache-manual-1.3.23-14.i386.rpm

SRPMs
ftp://updates.redhat.com/6.2/en/os/SRPMS/apache-1.3.22-5.6.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/apache-1.3.22-5.7.1.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/apache-1.3.22-6.src.rpm
ftp://updates.redhat.com/7.3/en/os/SRPMS/apache-1.3.23-14.src.rpm

SGI

SGI has not provided a patch for these issues, but instead has rolled the fixed Apache distribution into IRIX 6.5.17 and later releases of the operating system. To upgrade to an actively supported operating system see:

Trustix




[Blue]Blue[/Blue] [Dragon]

If I wasn't Blue, I would just be a Dragon...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

2
  • Locked
  • Question
Loss of my privacy
Replies
12
Views
2K
Rick998
Rick998
Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
807
Sameer258
Sameer258
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
200
PauS0n
PauS0n
mcisar
  • Locked
  • Question
Disable CHAP on PPPoE WAN connection
Replies
0
Views
205
mcisar
mcisar
cbsarge
  • Locked
  • Question
SonicWALL Mobile Connect on Chromebooks
Replies
1
Views
258
jcarmichael1203
jcarmichael1203

Part and Inventory Search

Sponsor

Back
Top