mailing list archives
Re: Apache mod_ssl off-by-one vulnerability
From: Jedi/Sector One <j () pureftpd org>
Date: Sat, 29 Jun 2002 08:55:37 +0200
On Thu, Jun 27, 2002 at 04:32:32PM -0500, Ken.Williams () ey com wrote:
i downloaded mod_ssl-2.8.9-1.3.26 from the modssl.org archive and verified
that it does have the off-by-one error, so it appears that there was a mistake
in the vulnerability advisory.
Yes, there was a typo.
All versions < 2.8.10 are affected.
__ /*- Frank DENIS (Jedi/Sector One) <j () 42-Networks Com> -*\ __
\ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' /
\/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/