|
OpenBSD_3_9_004: SECURITY FIX: July 30, 2006 |
|
|
|
środa, 23 sierpień 2006 -
Napisał: Rafał Krzysztof Andrzejewski (3846 odsłon)
|
httpd mod_rewrite has a potentially exploitable off-by-one buffer overflow. The buffer overflow may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
a) ściągnij patch z podanej niżej lokalizacji:
# fetch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/004_httpd.patch
b) następnie zaaplikuj "łatkę" w systemie:
# cd /usr/src
# patch -p0 < 004_httpd.patch
c) przekompiluj i zainstaluj
# cd usr.sbin/httpd
# make -f Makefile.bsd-wrapper obj
# make -f Makefile.bsd-wrapper cleandir
# make -f Makefile.bsd-wrapper depend
# make -f Makefile.bsd-wrapper
# make -f Makefile.bsd-wrapper install
# apachectl stop
# make install
# apachectl start
|
|
Ostatnio aktualizowany ( środa, 23 sierpień 2006 )
|
|
|
Security Advisory 
Postfix - "Krok po kroku" v1.1
sdi.sh
uEagle 1.0p1
