Security Bulletin SSRT4853

Eric Hince · ‎10-29-2004

In reviewing this bulletin, I see a command to determine if Apache is installed; the command is: swlist -l product | grep -i apache
When I run this command, the output is:
ApacheStrong 1.3.19.23 HP Apache-based Web Server with Strong (128bit) Encryption

It does NOT list hpuxwsAPACHE which apparently is the product that needs to be updated. Does this mean that the patch does not apply to me? Thanks.

Eric

Steven E. Protter · ‎10-29-2004

That isa very old version of apache, ported by HP.

swlist -l fileset | grep -i hpws

That will let you know. The bulliten probably applies to Apache 2.0.x, not 1.2.19.23 which HP pulled support on over a year ago. If my pea brain molecules are working right this late on a Friday.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Eric Hince · ‎10-29-2004

Thanks for the quick reply. I ran the command that you suggested and it didn't return anything. I'm thinking that you may be right about the version change. Any way I can definitively determine that the patch does not apply to this version? Thanks.

Eric

John Morris · ‎11-18-2004

ApacheStrong has been unsupported since July 1, 2003. We have released a security bulletin recommending that customers use hpuxwsAPACHE instead.

The bulletin is available on the itrc:

HPSBUX01098 SSRT4865 rev.0 ApacheStrong remote
Denial of Service (Dos) or arbitrary code execution

John Morris
HP Software Security Response Team (SSRT)

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Security Bulletin SSRT4853

Security Bulletin SSRT4853

Re: Security Bulletin SSRT4853

Re: Security Bulletin SSRT4853

Re: Security Bulletin SSRT4853