Re: [d-security] Re: Fwd: bugtraq.c httpd apache ssl attack

To: debian-security@lists.debian.org
Subject: Re: [d-security] Re: Fwd: bugtraq.c httpd apache ssl attack
From: Christian Hammers <ch@debian.org>
Date: Sat, 14 Sep 2002 13:16:32 +0200
Message-id: <[🔎] 20020914111632.GB23313@westend.com>
Mail-followup-to: Christian Hammers <ch@debian.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20020914105600.GU9150@wiggy.net>
References: <[🔎] 20020913172528.GA12508@zionlth.org> <[🔎] 20020914105600.GU9150@wiggy.net>

On Sat, Sep 14, 2002 at 12:56:00PM +0200, Wichert Akkerman wrote:
> Previously Phillip Hofmeister wrote:
> > I am using RedHat 7.3 with Apache 1.3.23. Someone used the 
> > program "bugtraq.c" to explore an modSSL buffer overflow to get access to 
> > a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it 
> > using gcc.
> 
> One wonders why you would have gcc installed on a webserver..
/me too, Perl can do everything you need and is even "Priority: required".

(Wanted to say that having installed gcc/nc/tcpdump/etc. or not is not
much of a difference. You always find a way to transfer arbitrary data
once you're root on the system. Writing a simple php page that acts as 
your command center and saves files is only one way.)

bye,

-christian-

Reply to:

References:
- Fwd: bugtraq.c httpd apache ssl attack
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: Wichert Akkerman <wichert@wiggy.net>

Prev by Date: Re: Fwd: bugtraq.c httpd apache ssl attack
Next by Date: Re: Fwd: bugtraq.c httpd apache ssl attack
Previous by thread: Re: Fwd: bugtraq.c httpd apache ssl attack
Next by thread: Re: Fwd: bugtraq.c httpd apache ssl attack
Index(es):
- Date
- Thread