Reco: > Hi. > > On Tue, Apr 08, 2014 at 04:49:13PM +0200, Jochen Spieker wrote: > >> Am I doing anything wrong? Is the testing tool broken? I also tried the >> one at https://gist.github.com/takeshixx/10107280 which confirms there >> is still a problem on port 443 (HTTPS served by Apache). > > No, chances are, you're using the tool correctly. > I'm using this [1] to test servers for this vulnerability (as I can't > force myself to install Go), and your server shows as vulnerable. > > [1] http://pastebin.com/WmxzjkXJ
Thanks for confirming this. But I don't get how this is possible. I
upgraded the library that Apache (supposedly) uses and rebooted the
machine afterwards. I even re-installed all Apache packages just to make
that they are ok.
J.
--
Fashion is more important to me than war, famine, disease or art.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
signature.asc
Description: Digital signature
