Vulnerability Development mailing list archives
Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client
From: Sean Davis <dive () endersgame net>
Date: Thu, 7 Mar 2002 14:50:00 -0500
On Thu, Mar 07, 2002 at 08:46:29PM +0100, Manuel Bouyer wrote:
> On Thu, Mar 07, 2002 at 12:07:31AM -0500, Sean Davis wrote:
> > First, I want to thank everybody who has posted information on this - it's something that (for obvious reasons) we don't want on our machines. I have a question, however. Does this "virus" only affect Linux hosts? I personally do not run Linux, and have not for some time (all the security problems being just one of many reasons, but I don't want this to become an OS war). I run NetBSD. NetBSD has, as an option, Linux binary emulation. Now, while I don't think there is any way for this virus to infect any other files on your system (that you do not own) unless you are root, how exactly is this program getting root? Stop me if I'm wrong - but this thread was originally about apache exploits. Where is the vulnerability, apache, php, or what?
>
> In this specific case, the exploit is in php (unless I misunderstood the vulnerability it's about).

I think the vulnerability in question is in PHP. Is the version of PHP4 in NetBSD pkgsrc fixed? I've disabled php in apache since I don't use it much anyway, but I'd feel a lot better about re-enabling it if I knew it was no longer an issue.

--
 /~\ The ASCII           Sean Davis
 \ / Ribbon Campaign     aka dive
  X  Against HTML
 / \ Email!              http://eros.endersgame.net:8000/~dive