[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bugtraq.c httpd apache ssl attack

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: bugtraq.c httpd apache ssl attack
From: Fernando Nunes <fmcn@xxxxxxxxxx>
Date: 13 Sep 2002 13:55:17 -0000
Delivered-to: mailing list bugtraq@xxxxxxxxxxxxxxxxx
Delivered-to: moderator for bugtraq@xxxxxxxxxxxxxxxxx
Delivery-date: Fri, 13 Sep 2002 18:35:09 +0200
Envelope-to: bugtraq@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


I am using RedHat 7.3 with Apache 1.3.23. Someone used the 
program "bugtraq.c" to explore an modSSL buffer overflow to get access to 
a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it 
using gcc. The program is started with another computer ip address as 
argument. All computer files that the user "apache" can read are exposed.
The program attacks the following Linux distributions:

Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
Mandrake: 1.3.14,1.3.19
Slakware: Apache 1.3.26

Regards
Fernando Nunes
Portugal

Follow-Ups:
- Re: bugtraq.c httpd apache ssl attack
  - From: The Little Prince
- Re: bugtraq.c httpd apache ssl attack
  - From: Ben Laurie

Prev by Date: RE: Apache worm in the wild
Next by Date: Re: Multiple vulnerabilities in Avaya Argent Office
Previous by thread: RE: Apache worm in the wild
Next by thread: Re: bugtraq.c httpd apache ssl attack
Index(es):
- Date
- Thread