[CentOS-devel] may Centos be vulnerable to this bug?

Roger Peña orkcu at yahoo.com
Fri Mar 2 17:39:03 UTC 2007

--- Roger Peña <orkcu at yahoo.com> wrote:

> As this bugtrack say "binaries from redhat" are not
> vulnerables but what happen to recompilations?
> I understand that it is the compilation process what
> make this bug not exploitable and not the source
> code
> so, the question is:
> is the httpd binary from centos exploitable?
> I could not find any refence in the web about this
> topic.
> maybe I should ask in the centos-user mailling list
> but because it is a compilation thing ..... I guess
> centos developer are the right to anwser 
sorry, I forgot to mention that I do test the
following "proof of concept" test:


and httpd-2.0.52-28.ent.centos4 give the "302 Found"
page so at least with that test I could not probe if
it is vulnerable or not

again, thanks in advance for any anwser

RedHat Certified Engineer ( RHCE )
Cisco Certified Network Associate ( CCNA )

We won't tell. Get more on shows you hate to love 
(and love to hate): Yahoo! TV's Guilty Pleasures list.

More information about the CentOS-devel mailing list