RE: apache sec hole..

Subject: RE: apache sec hole..
From: James Zuelow (jamesz@ideafamilies.org)
Date: Fri Jun 28 2002 - 13:08:55 AKDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Michael Fowler: "Re: extracting data from html files"
Previous message: Christopher Swingley: "Re: extracting data from html files"
In reply to: FeLoNiouS MoNK: "Re: apache sec hole.."
Next in thread: James Gibson: "RE: apache sec hole.."
Reply: James Zuelow: "RE: apache sec hole.."
Reply: James Zuelow: "RE: apache sec hole.."

> -----Original Message-----
> From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org]On Behalf Of
> FeLoNiouS MoNK
> Sent: Friday, June 28, 2002 11:22 AM
> Subject: Re: apache sec hole..
>
> if you want it just change the name to scalp.c and give it a
> whirl .. lol...
>
>
I actually tried that as soon as the exploit was posted to
securityfocus.com. I tested two servers, one Apache 1.3.24 and one Apache
2.0.35, both on OpenBSD 3.0. I could crash Apache at home (2.0.35), but
that was as far as the brute force method would get me (set the target ID to
any digit other than the listed targets, and it tries to brute force the
target server). I tried the specific attack as well on the 1.3.24 server,
but again all it did was crash Apache instead of giving me a shell.

There are probably some other variables in my installations that the exploit
didn't account for, but I'm not enough of a C guru to figure out what they
might be.

Cheers,

James

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

Next message: Michael Fowler: "Re: extracting data from html files"
Previous message: Christopher Swingley: "Re: extracting data from html files"
In reply to: FeLoNiouS MoNK: "Re: apache sec hole.."
Next in thread: James Gibson: "RE: apache sec hole.."
Reply: James Zuelow: "RE: apache sec hole.."
Reply: James Zuelow: "RE: apache sec hole.."

This archive was generated by hypermail 2a23 : Fri Jun 28 2002 - 13:09:00 AKDT