Re: apache sec hole..

Subject: Re: apache sec hole..
From: FeLoNiouS MoNK (codered@gci.net)
Date: Fri Jun 28 2002 - 11:21:31 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Christopher Swingley: "Re: extracting data from html files"
• Previous message: Peter Q. Olsson: "Re: sed problem"
• In reply to: Christopher E. Brown: "Re: apache sec hole.."
• Next in thread: James Zuelow: "RE: apache sec hole.."
• Reply: FeLoNiouS MoNK: "Re: apache sec hole.."
• Reply: FeLoNiouS MoNK: "Re: apache sec hole.."

i put it up on my website if any wanna take a l00k!

http://www.sinisterfue.org/scalp_c.htm

if you want it just change the name to scalp.c and give it a whirl .. lol...

>
>
> No, is bug that has been public for over a week.
> It was originally though to be a DoS only (force apache childred to
> seg, one could DoS the system at 1/100 the request rate it could
> normally handle). However they have found that you can force exec of
> hostile code under the httpd user id for all platforms.
>
>
> There are sploits in the wild.
>
> --
> I route, therefore you are.
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Christopher Swingley: "Re: extracting data from html files"
• Previous message: Peter Q. Olsson: "Re: sed problem"
• In reply to: Christopher E. Brown: "Re: apache sec hole.."
• Next in thread: James Zuelow: "RE: apache sec hole.."
• Reply: FeLoNiouS MoNK: "Re: apache sec hole.."
• Reply: FeLoNiouS MoNK: "Re: apache sec hole.."

This archive was generated by hypermail 2a23 : Fri Jun 28 2002 - 11:21:41 AKDT