Re: [d-security] Re: Fwd: bugtraq.c httpd apache ssl attack

On Sat, Sep 14, 2002 at 12:56:00PM +0200, Wichert Akkerman wrote:
> Previously Phillip Hofmeister wrote:
> > I am using RedHat 7.3 with Apache 1.3.23. Someone used the
> > program "bugtraq.c" to explore a modSSL buffer overflow to get access to
> > a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it 
> > using gcc.
> One wonders why you would have gcc installed on a webserver..
/me too, Perl can do everything you need and is even "Priority: required".

(Wanted to say that having gcc/nc/tcpdump/etc. installed or not does not
make much of a difference. You always find a way to transfer arbitrary data
once you're root on the system. Writing a simple PHP page that acts as
your command center and saves files is only one way.)



