Re: apache sec hole..


Subject: Re: apache sec hole..
From: FeLoNiouS MoNK (codered@gci.net)
Date: Fri Jun 28 2002 - 23:42:29 AKDT


along with scalp_c.htm on my site .. i just put this one up also ....

http://www.sinisterfue.org/apache-worm.c

----- Original Message -----
From: "James Zuelow" <jamesz@ideafamilies.org>
To: <aklug@aklug.org>
Sent: Friday, June 28, 2002 1:08 PM
Subject: RE: apache sec hole..

>
>
>
> > -----Original Message-----
> > From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org]On Behalf Of
> > FeLoNiouS MoNK
> > Sent: Friday, June 28, 2002 11:22 AM
> > Subject: Re: apache sec hole..
> >
> > if you want it just change the name to scalp.c and give it a
> > whirl .. lol...
> >
> >
> I actually tried that as soon as the exploit was posted to
> securityfocus.com. I tested two servers, one Apache 1.3.24 and one Apache
> 2.0.35, both on OpenBSD 3.0. I could crash Apache at home (2.0.35), but
> that was as far as the brute force method would get me (set the target ID to
> any digit other than the listed targets, and it tries to brute force the
> target server). I tried the specific attack as well on the 1.3.24 server,
> but again all it did was crash Apache instead of giving me a shell.
>
> There are probably some other variables in my installations that the exploit
> didn't account for, but I'm not enough of a C guru to figure out what they
> might be.
>
> Cheers,
>
> James
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>




This archive was generated by hypermail 2a23 : Fri Jun 28 2002 - 23:42:35 AKDT