[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSL update.. still giving me a Vulnerable status

> > > After updating libssl09 to the latest stable (0.9.4-6.woody.2)
> > > And running the openssl-sslv2-master script from
> > > (http://cert.uni-stuttgart.de/advisories/openssl-sslv2-master.php)
> > The test program is being stupid and just looking at the version string.
> > It sees 0.9.4 and thinks you're vulnerable.  You aren't.
> No, it checks a large and a small overflow. Jeroen, have you restarted
> the httpd? If not, it is still running with the old library.
I shut the whole apache down (both http and http-ssl).

> On my Woody machine, after I restarted httpd, I get
> 443 PATCHED: detects small overflow, but crashes (0.9.6e) 443 VULNERABLE: does not detect small overflow

I don't get that number behind it btw...

Thanks for all the support...

Jeroen  de Leeuw den Bouter
the world downunder.....  still on top of it...

Reply to: