--- Johnny Hughes <mailing-lists at hughesjr.com> wrote: > On Fri, 2007-03-02 at 09:39 -0800, Roger Peña wrote: > > --- Roger Peña <orkcu at yahoo.com> wrote: > > > > > As this bugtrack say "binaries from redhat" are > not > > > vulnerables but what happen to recompilations? > > > > > > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219 > > > > > > I understand that it is the compilation process > what > > > make this bug not exploitable and not the source > > > code > > > so, the question is: > > > is the httpd binary from centos exploitable? > > > > > > > > > I could not find any refence in the web about > this > > > topic. > > > maybe I should ask in the centos-user mailling > list > > > but because it is a compilation thing ..... I > guess > > > centos developer are the right to anwser > > > > > sorry, I forgot to mention that I do test the > > following "proof of concept" test: > > > > > http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded > > > > and httpd-2.0.52-28.ent.centos4 give the "302 > Found" > > page so at least with that test I could not probe > if > > it is vulnerable or not > > > > If it did do a "302 Found" ... then it is not > vulnerable: > > from the article: > > "If your web server doesn't reply you with a '302 > Found' page or a > Segmentation Fault appears in your error_log, an > apache child has > crashed and your web server is vulnerable and > exploitable." > > So a 302 found is good. > yes, I know it is good but can't see why this is a sufficient condition to say "not vulnerable" of course, what I can see is that if I got another page or make a fault then I can say "it is vulnerable" do you see my point? ;-) I think it is not a two way relation: if A imply B do not meant B imply A but, I am not saying that centos binary are vulnerables!!! just that I can't find an explanation to say "not vulnerable" because uptreams is not. also, I could not had the time yet to verify what is the the following fix to mod_rewrite: * Tue Jun 20 2006 Joe Orton <jorton at redhat.com> 2.0.52-26.ent - add mod_rewrite ldap scheme handling fix does anybody know if this is the source code fix to this vulnerability (back ported)? the date of this fix is before the date of the redhat bugtrack and before the CVS assignation (20060720) so it looks not related but I could be wrong... thanks roger PD: I guess this is the first time I can see the difference that some people try to stress when they say : "they are not RHEL clones, they are recompilations" __________________________________________ RedHat Certified Engineer ( RHCE ) Cisco Certified Network Associate ( CCNA ) ____________________________________________________________________________________ Need Mail bonding? Go to the Yahoo! Mail Q&A for great tips from Yahoo! Answers users. http://answers.yahoo.com/dir/?link=list&sid=396546091