Full Disclosure mailing list archives
Re: Apache 1.3.27 Remote Root 0-Day
From: "nikoteen" <nikoteen () hp com>
Date: Fri, 20 Jun 2003 19:40:24 +0200
-- What is the M4TR1X ? Yeah don't run that shit. No time to analyse further as... W-E TIME HAS COME! nikoteen. ----- Original Message ----- From: "James Greenhalgh" <james.greenhalgh () worldpay com> To: "Michael" <mike-full () megaglobal net> Cc: <full-disclosure () lists netsys com> Sent: vendredi 20 juin 2003 18:29 Subject: Re: [Full-disclosure] Apache 1.3.27 Remote Root 0-Day
Well it gave me a good laugh on a Friday afternoon anyway :) Read the code, it doesn't send that "shellcode" to a remote server at all, it executes it. On Fri, 2003-06-20 at 16:15, Michael wrote:Maybe now we can STFU and concentrate on actual disclosure? I'm curious as to why there has been no discussion about this apache
report.
The poster of this message didnt include any info on the details of the
problem
nor an exploit, which leaves us wondering. (The insult was cute though) This could be some serious isht if indeed it is true. Can anyone confirm/dispute? -M -- . Michael Jastremski
.............................................................
.. Network Engineer > Megaglobal Networks > Megaglobal.net
.......................
...... Photographer > Open Photo Project > Openphoto.net
........................
.......... Resident > West Philadelphia > Westphila.net
........................
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html-- James Greenhalgh <james.greenhalgh () worldpay com> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apache 1.3.27 Remote Root 0-Day koec (Jun 19)
- Re: Apache 1.3.27 Remote Root 0-Day Michael (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day KF (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Joe Stewart (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day James Greenhalgh (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day William D. Colburn (aka Schlake) (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day nikoteen (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Matt (Jun 20)
- <Possible follow-ups>
- Re: Apache 1.3.27 Remote Root 0-Day Andreas Gietl (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day xbud (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Michael (Jun 20)