Full Disclosure mailing list archives
Re: Apache 1.3.29
From: "Jarrod SMith" <SirSlappy () cox-internet com>
Date: Thu, 11 Mar 2004 23:54:34 -0600
Totally sorry about that. The "00" both of your names had me confused. 1000 apologies. ----- Original Message ----- From: "d4rkgr3y" <d4rk () securitylab ru> To: <full-disclosure () lists netsys com> Sent: Thursday, March 11, 2004 10:48 PM Subject: Re: [Full-disclosure] Apache 1.3.29
They might have used an apache user discosure bug that allows you to
check
user names vs. passwords.. I think it's made by w00w00. It will check
the
user names and passes, if it finds one that works it will login via FTP
to
make sure.It's made by me and you can find it on m00.void.ru/release.html----- Original Message ----- From: VeNoMouS To: full-disclosure () lists netsys com Sent: Thursday, March 11, 2004 2:38 PM Subject: [Full-disclosure] Apache 1.3.29 any one know if theres a new exploit for apache 1.3.29 in the wild one
of
my mates boxes was breached this morning by ir4dex appears they gained
axx
via apache then got root via mmap()I could hardly imagine that such exploit code is realy exist. I think that your server was hacked via vulnerability in additional apache mods. Like mod_ssl, mod_php, mod_gzip, mod_python, etc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apache 1.3.29 VeNoMouS (Mar 11)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)
- Re: Apache 1.3.29 d4rkgr3y (Mar 11)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)
- Re: Apache 1.3.29 d4rkgr3y (Mar 11)
- Re: Apache 1.3.29 Cedric Blancher (Mar 11)
- Re: Apache 1.3.29 VeNoMouS (Mar 11)
- Re: Apache 1.3.29 worldi (Mar 12)
- Re: Apache 1.3.29 VeNoMouS (Mar 11)
- <Possible follow-ups>
- Re: Apache 1.3.29 bart2k (Mar 12)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)