[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] Apache Hole?



 if you check the files below, they are owned by the apache user.

My apache is linux:/tmp # rpm -q apache -> apache-1.3.27-82

Anyone know of existing security leaks for this?

Thanks
Evert

Below-> listing of temp files,anyone seens this before? 

drwxrwxrwt   25 root     root         1640 Jan 31 12:45 .
drwxr-xr-x   22 root     root          512 Dec  5 14:52 ..
drwxr-xr-x    8 wwwrun   nogroup       640 Jan 21 10:49 ...
drwxr-xr-x    2 wwwrun   nogroup        48 Jan 28 15:17 ....
drwxrwxrwt    2 root     root           48 Mar 18  2003 .ICE-unix
drwxrwxrwt    2 root     root           48 Mar 18  2003 .X11-unix
drwxr-xr-x    2 root     root           48 Aug 10 15:16 .qt
-rwxr-xr-x    1 wwwrun   nogroup       838 Dec 15 12:49 .rHgmHsb
drwxr-xr-x    2 root     root          144 Aug 11 16:12 .webmin
drwx------    2 root     root           48 Aug 10 15:53 YaST2-02912-qsgkrH
drwx------    2 root     root           48 Aug 10 15:53 YaST2-02935-ouNVcO
drwx------    2 root     root           48 Aug 12 01:16 YaST2-07664-ZvoZ8K
drwx------    2 root     root           48 Aug 12 01:16 YaST2-07664-auzHSh
drwx------    2 root     root           48 Aug 10 22:59 YaST2-07686-1dMyRl
drwx------    2 root     root           48 Aug 10 22:59 YaST2-07686-srPZXX
drwx------    2 root     root           48 Aug 21 09:47 YaST2.tdir
-rw-r--r--    1 wwwrun   nogroup    424644 Oct 15 04:46 ary.tgz.tgz
-rwxr-xr-x    1 wwwrun   nogroup     19580 Jan 28 15:17 bindtty
-rwxr-xr-x    1 wwwrun   nogroup     15003 Aug  5 20:17 cbd
-rwxr-xr-x    1 wwwrun   nogroup     17897 Jan 31 08:26 cgi
-rwxrwxrwx    1 wwwrun   nogroup     15029 Jan 31 08:42 cgi.1
-rw-r--r--    1 wwwrun   nogroup     11805 Jan 31 08:42 dc
-rw-------    1 wwwrun   nogroup      8952 Jan 30 10:22
sess_2c7437c59ed72bd629dbf80821a7d18e
-rw-------    1 wwwrun   nogroup     22261 Jan 31 12:40
sess_3b7cea3ca7bcc2eb36e488c9246fa6e9
-rw-------    1 wwwrun   nogroup      9309 Jan 30 11:21
sess_5343ef8f9fc370f32683b6fa46c97475
-rw-------    1 wwwrun   nogroup     10277 Jan 30 15:48
sess_82e39dce0b040da32ef0173ec78ec061
-rw-------    1 wwwrun   nogroup     17344 Jan 30 13:34
sess_97acba92f3fe53b2bdd085fcc63866d8
-rw-------    1 wwwrun   nogroup     25966 Jan 30 08:31
sess_a5a39f339352ede930fc2adc46a30ca7
-rw-------    1 wwwrun   nogroup     12524 Jan 30 10:42
sess_ade174aac83031f1b20e0efd08465a73
-rw-------    1 wwwrun   nogroup     22138 Jan 30 09:03
sess_cae01eeb71780d8a5dd9cebc4abf6e45
-rw-------    1 wwwrun   nogroup     26961 Jan 30 15:34
sess_e6d8df92da33395045842fbf19f8c8cf
-rw-------    1 wwwrun   nogroup     30854 Jan 31 08:59
sess_f35c03347ec657bc814b17571dc5877d
-rw-------    1 wwwrun   nogroup      8952 Jan 30 07:59
sess_f6fedf50059f8b64747e060905fde21d
drwx------    2 everts   users          80 Aug 12 22:26 ssh-XX9Glbxm
drwx------    2 everts   users          80 Sep 16 23:06 ssh-XX9kCFU2
drwx------    2 everts   users          80 Sep 28 08:47 ssh-XXDzxDkf
drwx------    2 everts   users          80 Jan 31 08:47 ssh-XXJioYvk
drwx------    2 everts   users          80 Sep 22 20:38 ssh-XXZFwAIi
drwx------    2 everts   users          80 Aug 11 14:11 ssh-XXioCldw
drwx------    2 everts   users          80 Oct  1 20:49 ssh-XXuOdNCB
drwx------    2 everts   users          80 Oct  1 21:00 ssh-XXw3Tg6h
drwx------    2 everts   users          80 Aug 11 14:59 ssh-XXwqFEAg
drwx------    2 everts   users          80 Dec  5 13:08 ssh-XXzcFeK0
-rwxrwxrwx    1 wwwrun   nogroup    170613 Dec  5 06:45 telnetd
-rwxrwxrwx    1 wwwrun   nogroup     16798 Jan 28 07:51 webphp



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here