[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Apache Hole?



At 12:54 PM 1/31/04, Evert Smit wrote:
> if you check the files below, they are owned by the apache user.
>
>My apache is linux:/tmp # rpm -q apache -> apache-1.3.27-82

Ever hear the joke about someone trying to get linux running as an emulator
under JavaScript? Sorry, a bit of a reach. But "Apache" is not just apache:
it is the version of Linux, Perl, mod_perl, PHP, SSH, and so forth.

>[...]
>-rwxrwxrwx    1 wwwrun   nogroup     16798 Jan 28 07:51 webphp
                                                         ^^^^^^
I'd start by seeing what known security issues might exist for whatever
version of PHP you're running, as well as review any and all CGIs for
unsafe behavior.

Somebody else may be able to tell you exactly what you're looking at.

--

Fred Morris
fredm3047@xxxxxxxx (I-ACK)



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here