Re: apache sec hole..


Subject: Re: apache sec hole..
From: Christopher E. Brown (cbrown@woods.net)
Date: Fri Jun 28 2002 - 10:43:01 AKDT


On Thu, 27 Jun 2002, Herr Nagengast wrote:

>
> On Thu, 27 Jun 2002, FeLoNiouS MoNK wrote:
>
> > I got the word down today that someone at gobbles team made an
> > exploit multiwide for apache .. anything 1.3.26 or below...
>
> I haven't followed this terribly closely, but don't you mean
> 1.3.25 or below? (and below 2.0.39?)
>
> I'm not trying to be overly pedantic, but there's not something in
> the wild that hasn't been addressed, is there?

No, it is a bug that has been public for over a week.
It was originally thought to be a DoS only (force apache children to
seg, one could DoS the system at 1/100 the request rate it could
normally handle). However they have found that you can force exec of
hostile code under the httpd user id for all platforms.

There are sploits in the wild.

-- 
I route, therefore you are.




This archive was generated by hypermail 2a23 : Fri Jun 28 2002 - 10:52:30 AKDT