[CentOS-devel] may Centos be vulnerable to this bug?

Fri Mar 2 19:42:20 UTC 2007
Johnny Hughes <mailing-lists at hughesjr.com>

On Fri, 2007-03-02 at 09:39 -0800, Roger Peña wrote:
> --- Roger Peña <orkcu at yahoo.com> wrote:
> 
> > As this bugtrack say "binaries from redhat" are not
> > vulnerables but what happen to recompilations?
> >
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219
> > 
> > I understand that it is the compilation process what
> > make this bug not exploitable and not the source
> > code
> > so, the question is:
> > is the httpd binary from centos exploitable?
> > 
> > 
> > I could not find any refence in the web about this
> > topic.
> > maybe I should ask in the centos-user mailling list
> > but because it is a compilation thing ..... I guess
> > centos developer are the right to anwser 
> > 
> sorry, I forgot to mention that I do test the
> following "proof of concept" test:
> 
> http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded
> 
> and httpd-2.0.52-28.ent.centos4 give the "302 Found"
> page so at least with that test I could not probe if
> it is vulnerable or not
> 

If it did do a "302 Found" ... then it is not vulnerable:

from the article:

"If your web server doesn't reply you with a '302 Found' page or a
Segmentation Fault appears in your error_log, an apache child has
crashed and your web server is vulnerable and exploitable."

So a 302 found is good.

Thanks,
Johnny Hughes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20070302/222dc49a/attachment-0007.sig>