Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Apache 1.3.27 Remote Root 0-Day

From: James Greenhalgh <james.greenhalgh () worldpay com>
Date: 20 Jun 2003 17:29:18 +0100
Well it gave me a good laugh on a Friday afternoon anyway :)  Read the
code, it doesn't send that "shellcode" to a remote server at all, it
executes it.

On Fri, 2003-06-20 at 16:15, Michael wrote:

Maybe now we can STFU and concentrate on actual disclosure?
I'm curious as to why there has been no discussion about this apache report.

The poster of this message didnt include any info on the details of the problem
nor an exploit, which leaves us wondering.  (The insult was cute though)

This could be some serious isht if indeed it is true.

Can anyone confirm/dispute?


-M 

--
. Michael Jastremski .............................................................
.. Network Engineer > Megaglobal Networks > Megaglobal.net .......................
...... Photographer > Open Photo Project  > Openphoto.net ........................
.......... Resident > West Philadelphia   > Westphila.net ........................
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
James Greenhalgh <james.greenhalgh () worldpay com>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: