FW: Remote Apache 1.3.x Exploit
Rehor Petr
petr.rehor at i.cz
Thu Jun 20 13:31:53 CEST 2002
Maybe not all of you read freebsd-security, so just to be sure.
My apache-1.3.20 on FreeBSD 4.5-RELEASE ended with a Segmentation fault,
and so did apache-1.3.23+russian-30.11+mod_ssl-2.8.7 on FreeBSD 4.6-PRERELEASE
(although it was said on freebsd-security that the Russian apache is not vulnerable).
Petr Rehor
ICZ a.s.
Pobocka Ceske Budejovice
J. S. Baara 40, 370 01 Ceske Budejovice, CZ
Tel: +420 (38) 731 28 08
Fax: +420 (38) 731 14 80
mailto:petr.rehor at i.cz
http://www.i.cz
> -----Original Message-----
> From: Muhammad Faisal Rauf Danka [mailto:mfrd at attitudex.com]
> Sent: Thursday, June 20, 2002 11:50 AM
> To: isp-tech at isp-tech.com; isp-security at isp-security.com;
> isp-linux at isp-linux.com
> Cc: freebsd-security at FreeBSD.ORG; security-discuss at linuxsecurity.com
> Subject:
>
>
> GOBBLES Security released Remote Apache 1.3.x Exploit, at
> http://online.securityfocus.com/attachment/2002-06-20/apache-scalp.c
>
> As it's mentioned in the exploit that:
> < * The "experts" have already concurred that this bug...
> * - Can not be exploited on 32-bit *nix variants
> * - Is only exploitable on win32 platforms
> * - Is only exploitable on certain 64-bit systems
> *
> * However, contrary to what ISS would have you believe, we have
> * successfully exploited this hole on the following operating systems:
> *
> * Sun Solaris 6-8 (sparc/x86)
> * FreeBSD 4.3-4.5 (x86)
> * OpenBSD 2.6-3.1 (x86)
> * Linux (GNU) 2.4 (x86)
> *
> * Don't get discouraged too quickly in your own research. It took us close
> * to two months to be able to exploit each of the above operating systems.
> * There is a peculiarity to be found for each operating system that makes the
> * exploitation possible.
> >
>
> So I think x86 apache admins shouldn't be like "[ aah, it's only for win32
> and 64-bit *nixes ]"
>
> and I again repeat that even 64-bit *nixes include SPARC Solaris, which is
> found in abundance.
>
> I think it's about time Sun people should take notice of it.
>
> Sites like sunfreeware.com and the like should put up updated apache
> packages, else it will be a bad time for Solaris SPARC apache admins.
>
> Regards,
> ---------
> Muhammad Faisal Rauf Danka
>
> Chief Technology Officer
> Gem Internet Services (Pvt) Ltd.
> web: www.gem.net.pk
>
> Vice President
> Pakistan Computer Emergency Response Team (PakCERT)
> web: www.pakcert.org
>
> Chief Security Analyst
> Applied Technology Research Center (ATRC)
> web: www.atrc.net.pk
>
> _____________________________________________________________
> ---------------------------
> [ATTITUDEX.COM]
> http://www.attitudex.com/
> ---------------------------
>