Apache and security (WAS: RE: What is "Manage Authorized Reseller Profile" in the RWI?)

From: Charles Daminato (chuck@tucows.com)
Date: Tue Oct 15 2002 - 10:02:20 EDT

> Not to mention that the server from which this product is being served
> seems to be running outdated (and possibly even vulnerable) versions of
> Apache and mod_php. Heck, rr-n1-tor.opensrs.net is even running old
> versions of Apache and OpenSSL with known buffer overflows.

Note that all our services, even if "older/outdated", are not vulnerable and
appropriate measures have been taken to ensure they are secure. rr-n1-tor
is NOT running SSLv2, which is where the OpenSSL buffer overflow is
exploitable - so there's no concern there.

Charles Daminato
OpenSRS Product Manager
Tucows Inc. - chuck@tucows.com

This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:28 EDT