Fwd: bugtraq.c httpd apache ssl attack
Even through we are not mentioned are we vulnerable to this attack?
----- Forwarded message from Fernando Nunes <fmcn@netcabo.pt> -----
Envelope-to: plhofmei@zionlth.org
Delivery-date: Fri, 13 Sep 2002 13:20:23 -0400
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Date: 13 Sep 2002 13:55:17 -0000
X-Mailer: MIME-tools 5.411 (Entity 5.404)
From: Fernando Nunes <fmcn@netcabo.pt>
To: bugtraq@securityfocus.com
Subject: bugtraq.c httpd apache ssl attack
I am using RedHat 7.3 with Apache 1.3.23. Someone used the
program "bugtraq.c" to explore an modSSL buffer overflow to get access to
a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it
using gcc. The program is started with another computer ip address as
argument. All computer files that the user "apache" can read are exposed.
The program attacks the following Linux distributions:
Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
Mandrake: 1.3.14,1.3.19
Slakware: Apache 1.3.26
Regards
Fernando Nunes
Portugal
----- End forwarded message -----
--
Phil
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import
XP Source Code:
#include <win2k.h>
#include <extra_pretty_things_with_bugs.h>
#include <more_bugs.h>
#include <require_system_activation.h>
#include <phone_home_every_so_often.h>
#include <remote_admin_abilities_for_MS.h>
#include <more_restrictive_EULA.h>
#include <sell_your_soul_to_MS_EULA.h>
//os_ver="Windows 2000"
os_ver="Windows XP"
Reply to: