[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Fwd: bugtraq.c httpd apache ssl attack

Even through we are not mentioned are we vulnerable to this attack?

----- Forwarded message from Fernando Nunes <fmcn@netcabo.pt> -----

Envelope-to: plhofmei@zionlth.org
Delivery-date: Fri, 13 Sep 2002 13:20:23 -0400
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Date: 13 Sep 2002 13:55:17 -0000
X-Mailer: MIME-tools 5.411 (Entity 5.404)
From: Fernando Nunes <fmcn@netcabo.pt>
To: bugtraq@securityfocus.com
Subject: bugtraq.c httpd apache ssl attack

I am using RedHat 7.3 with Apache 1.3.23. Someone used the 
program "bugtraq.c" to explore an modSSL buffer overflow to get access to 
a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it 
using gcc. The program is started with another computer ip address as 
argument. All computer files that the user "apache" can read are exposed.
The program attacks the following Linux distributions:

Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
Mandrake: 1.3.14,1.3.19
Slakware: Apache 1.3.26

Fernando Nunes

----- End forwarded message -----


wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import

XP Source Code:

#include <win2k.h>
#include <extra_pretty_things_with_bugs.h>
#include <more_bugs.h>
#include <require_system_activation.h>
#include <phone_home_every_so_often.h>
#include <remote_admin_abilities_for_MS.h>
#include <more_restrictive_EULA.h>
#include <sell_your_soul_to_MS_EULA.h>
//os_ver="Windows 2000"
os_ver="Windows XP"

Reply to: