LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-21-2007, 11:54 AM   #16
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53

If this doesn't work, grab the slackbuild and source of apache from 11. Modify slackbuild accordingly and try compiling yourself.
 
Old 05-21-2007, 12:30 PM   #17
z-man5
LQ Newbie
 
Registered: Feb 2007
Distribution: Debian
Posts: 29

Original Poster
Rep: Reputation: 15
Drumz, I checked updates directory, but no newer versions of Apache, OpenSSL or ModSSL were released for 11.0.
I just checked the Extra folder and it doesn't seem to have anything that I need.

pkgtool shows openssl-0.9.8d-i486-1 and openssl-solibs-0.9.8d-i486-1.

Alien_Hominid, I was hoping someone would say "I have the same problem and it would be great if the Slackware team recompiled the necessary packages and put them into Updates directory"...
 
Old 05-21-2007, 12:49 PM   #18
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
Usually Pat does not release updates to stable branch (11) unless there are some security threats or bugs.
Please inform him about this issue and if it is serious, it will be fixed.
Current branch is for testing of newest packages and all updates firstly goes there.
 
Old 05-24-2007, 08:46 AM   #19
z-man5
LQ Newbie
 
Registered: Feb 2007
Distribution: Debian
Posts: 29

Original Poster
Rep: Reputation: 15
I did get a response from Pat:
Quote:
I would do nothing. If you've applied all the security patches to
Slackware 11.0 then you're running openssl-0.9.8d regardless of what a
(possible?) typo in the logfile might say. nmap -sV localhost should
confirm this.
I run nmap, and it showed this:
Quote:
# nmap -sV localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-05-22 16:44 EDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: (...) closed ports
PORT STATE SERVICE VERSION
(...)
80/tcp open http Apache httpd 1.3.37 ((Unix) mod_ssl/2.8.28 OpenSSL/0.9.8b)
443/tcp open http Apache httpd 1.3.37 ((Unix) mod_ssl/2.8.28 OpenSSL/0.9.8b)
(...)
Nmap finished: 1 IP address (1 host up) scanned in 113.700 seconds
Also the "LoadModule ssl_module libexec/apache/libssl.so" file was modified prior to release of OpenSSL 0.9.8d:
Quote:
# ls -l /usr/libexec/apache/libssl.so
-rwxr-xr-x 1 root root 176616 2006-07-28 17:32 /usr/libexec/apache/libssl.so*
So I replied to him, but I'm about to go on a 2 weeks vacation and wanted to have this straightened out, so I followed your advice Alien and downloaded source for mod_ssl and compiled it.

Now it's logging version OpenSSL 0.9.8d:
Quote:
[23/May/2007 20:26:35 18205] [info] Server: Apache/1.3.37, Interface: mod_ssl/2.8.28, Library: OpenSSL/0.9.8d
And nmap shows it too:
Quote:
# nmap -sV localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-05-23 20:28 EDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: (...) closed ports
PORT STATE SERVICE VERSION
(...)
80/tcp open http Apache httpd 1.3.37 ((Unix) mod_ssl/2.8.28 OpenSSL/0.9.8d)
443/tcp open http Apache httpd 1.3.37 ((Unix) mod_ssl/2.8.28 OpenSSL/0.9.8d)
(...)
Nmap finished: 1 IP address (1 host up) scanned in 113.817 seconds
Do you know of any hacking tools that would allow testing the OpenSSL vulnerabilities prior to 0.9.8d?

So I'm a happy noob now, but something tells me that Slackware 11.0 is not a popular choice for Apache with OpenSSL?
 
Old 05-24-2007, 12:56 PM   #20
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 125Reputation: 125
FYI: Nmap only reports what the Apache banner reports, which would be whatever the logfile says as well.
 
Old 05-24-2007, 01:24 PM   #21
rworkman
Slackware Contributor
 
Registered: Oct 2004
Location: Tuscaloosa, Alabama (USA)
Distribution: Slackware
Posts: 2,303

Rep: Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808
Code:
rworkman@cardinal:~$ ldd /usr/libexec/apache/libssl.so 
        linux-gate.so.1 =>  (0xffffe000)
        libssl.so.0 => /usr/lib/libssl.so.0 (0xa7ef5000)
        libcrypto.so.0 => /usr/lib/libcrypto.so.0 (0xa7dbb000)
        libc.so.6 => /lib/tls/libc.so.6 (0xa7c8c000)
        libdl.so.2 => /lib/tls/libdl.so.2 (0xa7c88000)
        /lib/ld-linux.so.2 (0x75555000)
rworkman@cardinal:~$ ls -l /usr/lib/libssl.*
-rw-r--r-- 1 root root 394810 2006-09-29 02:49 /usr/lib/libssl.a
lrwxrwxrwx 1 root root     11 2006-12-29 17:21 /usr/lib/libssl.so -> libssl.so.0*
lrwxrwxrwx 1 root root     15 2006-12-29 17:21 /usr/lib/libssl.so.0 -> libssl.so.0.9.8*
-r-xr-xr-x 1 root root 252092 2006-09-29 02:49 /usr/lib/libssl.so.0.9.8*
In other words, it seems to me that regardless of what your logs are showing, you're using whatever is provided with the openssl package you have installed.
 
Old 05-24-2007, 03:26 PM   #22
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
There is backtrack: http://www.remote-exploit.org/backtrack.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
rm -r /var/log - oops - pkgtool package list gone technomeister Slackware 12 02-06-2007 12:37 AM
Could not find working OpenSSL library, please install or check config.log -newb ques botman SUSE / openSUSE 4 10-19-2005 05:03 PM
What version of OpenSSL is installed by default with FC4? t3gah Fedora 1 03-27-2005 03:49 PM
openssl log dominant Linux - Security 6 10-15-2004 02:43 AM
OpenSSL version mismatch. Built against 90604f, you have 90702f...? Tarts Slackware 2 10-24-2003 04:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 12:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration