--- Roger Peña <orkcu at yahoo.com> wrote: > As this bugtrack say "binaries from redhat" are not > vulnerables but what happen to recompilations? > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219 > > I understand that it is the compilation process what > make this bug not exploitable and not the source > code > so, the question is: > is the httpd binary from centos exploitable? > > > I could not find any refence in the web about this > topic. > maybe I should ask in the centos-user mailling list > but because it is a compilation thing ..... I guess > centos developer are the right to anwser > sorry, I forgot to mention that I do test the following "proof of concept" test: http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded and httpd-2.0.52-28.ent.centos4 give the "302 Found" page so at least with that test I could not probe if it is vulnerable or not again, thanks in advance for any anwser roger __________________________________________ RedHat Certified Engineer ( RHCE ) Cisco Certified Network Associate ( CCNA ) ____________________________________________________________________________________ We won't tell. Get more on shows you hate to love (and love to hate): Yahoo! TV's Guilty Pleasures list. http://tv.yahoo.com/collections/265