apache sec hole..

Subject: apache sec hole..
From: FeLoNiouS MoNK (codered@gci.net)
Date: Thu Jun 27 2002 - 21:50:56 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Herr Nagengast: "Re: apache sec hole.."
• Previous message: Anthony Valentine: "RE: positive linux news article"
• Next in thread: Herr Nagengast: "Re: apache sec hole.."

I got the word down today that someone at gobbles team made an exploit multiwide for apache .. anything 1.3.26 or below... havnt messed wit it but i have faith in the guy who brought it to my attention ... here is a very very abridged list of some servers that are vuln.. as you can see some 1.3.22 servers are non vuln by this new sploit and i dont know why ... but beware cause 1,000,000 script kiddies are out there scanin your boxen.. =]

sploit: sscalp.c

1 210.230.51.130 ns1.put.co.jp Apache/1.3.22 (Unix)VULNERABLE
2 210.230.51.133 cs1.put.co.jp Apache/1.3.19 Ben-SSL/1.42 (Unix)
PHP/4.0.4pl1VULNERABLE
3 210.230.51.137 cs1.prime-link.jp Apache/1.3.19 Ben-SSL/1.42 (Unix)
PHP/4.0.4pl1VULNERABLE
4 210.230.51.135 Apache/1.3.23 (Unix)
PHP/4.1.2VULNERABLE
5 210.230.51.136 Apache/1.3.23 (Unix)
PHP/4.1.2VULNERABLE
6 210.230.51.138 cs1.dilucajapan.co.jp Apache/1.3.19 Ben-SSL/1.42 (Unix)
PHP/4.0.4pl1VULNERABLE
7 210.230.51.11 fril.wig.nu Apache/1.3.22 (Unix)Not vulnerable
8 210.230.

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Herr Nagengast: "Re: apache sec hole.."
• Previous message: Anthony Valentine: "RE: positive linux news article"
• Next in thread: Herr Nagengast: "Re: apache sec hole.."

This archive was generated by hypermail 2a23 : Thu Jun 27 2002 - 21:52:30 AKDT