Vulnerability Development mailing list archives
Re: Apache vulnerability checking
From: Alex Balayan <balayan () bigpond net au>
Date: Thu, 27 Jun 2002 03:27:55 +0800
I don't get any results when I scan with Retina - Apache Chunked Scanner. Although I have patch the I should still see resulting outcome of the scan.
The server specs:

HTTP/1.1 200 OK
Date: Wed, 26 Jun 2002 17:22:17 GMT
Server: Apache/1.3.24 (Unix) mod_perl/1.25 PHP/4.0.4pl1 mod_ssl/2.8.8 OpenSSL/0.9.6
Last-Modified: Thu, 18 Apr 2002 16:00:43 GMT
ETag: "2581e-16e9-3cbeedab"
Accept-Ranges: bytes
Content-Length: 5865
Connection: close
Content-Type: text/html

Any ideas on how I can test to see if my server is still vulnerable? Thanks in advance.

TH> patch. For instance, eEye's tool reports my patched RH7.2 server as
TH> "vulnerable", because it only checks the server string, it doesn't try
TH> to exploit the vulnerability.

That's interesting.. If you sniff the tool, you'll see it does a HEAD, and then posts to x.html with a chunk encoding.. It seems to be doing more than just reading the version on the banner. (This is as of 2 hours ago, maybe they updated their tool). It appears to actually exploit it for the testing. I didn't trace the tool itself, only from what the packet capture says.