[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fwd: bugtraq.c httpd apache ssl attack

Previously Phillip Hofmeister wrote:
> I am using RedHat 7.3 with Apache 1.3.23. Someone used the 
> program "bugtraq.c" to explore an modSSL buffer overflow to get access to 
> a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it 
> using gcc.

One wonders why you would have gcc installed on a webserver..


 /wichert@wiggy.net         This space intentionally left occupied \
| wichert@deephackmode.org                    http://www.wiggy.net/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Reply to: