Security Incidents mailing list archives

Re: Interesting webserver intrusion (apache 1.3.31, mod_ssl 2.8.18, php 4.3.7)


From: Tim Greer <chatmaster () charter net>
Date: 13 Jul 2004 10:21:48 -0700

On Mon, 2004-07-12 at 07:33, Dmitry Alyabyev wrote:
> On Saturday 10 July 2004 04:40, Tim Greer wrote:
>
> [skip]
>
> > Sounds like one of the many PHP scripts is exploitable.  You could run
> > PHP as CGI w/ the suexec wrapper (and even tweak the source or use an
> > existing patch so PHP scripts don't need to be modified at all (other
> > than the ownership of some files/dirs PHP scripts need to use/write to)).
>
> not really - you will lose authentication within PHP scripts in meaning of
> receiving password via environment and some add-ons like Zend optimizer will
> stop working

Auth can still work, and Zend works w/ cli.  There might be some scripts
that don't work, or add-ons, but I'm not aware of any personally.  But
that's a discussion best left for another thread in another forum. 
Cheers!
-- 
Tim

