Security Basics mailing list archives
Re: Strange found in apache error.log
From: arron () nynetworksecurity com
Date: 5 Dec 2005 18:49:40 -0000
Is it possible that there is an XSS flaw in a web app on that server? If so, I've been able to, in the past, use XSS to pass SSI (some tweakin required [char esc seqs similar 2 recent sprintf perl vulns]) into dynamic processes. This could, for example, allow the inclusion of /etc/passwd or the shadow file for cracking and then ssh'n. Since I wasn't the admin of the machine I did it on (I had permission, people) I'm not sure of the resulting log entries. Although the description struck a chord with me. One way or another, it sounds web app specific to me.

Godspeed,
Arron
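For an admin checking whether SSI directives are reaching a web app through request data, as the message above suggests, here is an added example (not part of the original post) that scans Apache access log fields for `mod_include` directive syntax after undoing URL encoding. It assumes the "combined" log format; the log lines, addresses and script name are constructed for illustration.

```python
import re
from urllib.parse import unquote

# mod_include directives have the form <!--#element attribute="value" -->
SSI_DIRECTIVE = re.compile(
    r"<!--#(include|exec|echo|config|set|printenv|fsize|flastmod)\b", re.I)
# Assumed Apache "combined" format: client, time, request, status, size, referer, agent
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" \d{3} \S+'
    r' "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"')

def fully_decode(value, max_rounds=3):
    """Undo repeated URL encoding so %253C and %3C both become '<'."""
    for _ in range(max_rounds):
        decoded = unquote(value.replace("+", " "))
        if decoded == value:
            break
        value = decoded
    return value

def find_ssi_attempts(lines):
    """Return (client_ip, field, directive) for each logged field carrying an SSI directive."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # not a combined-format line
        for field in ("request", "referer", "agent"):
            found = SSI_DIRECTIVE.search(fully_decode(m.group(field)))
            if found:
                hits.append((m.group("ip"), field, found.group(1).lower()))
    return hits

# Constructed sample lines (documentation address ranges, hypothetical guestbook.cgi)
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Dec/2005:18:01:12 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [05/Dec/2005:18:02:40 +0000] "GET /guestbook.cgi?name=%3C!--%23include%20virtual%3D%22/etc/passwd%22--%3E HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [05/Dec/2005:18:02:55 +0000] "GET /guestbook.cgi?name=%253C!--%2523echo%2520var%253D%2522DATE_LOCAL%2522--%253E HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [05/Dec/2005:18:03:10 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "<!--#printenv -->"',
    '192.0.2.10 - - [05/Dec/2005:18:04:00 +0000] "GET /page?c=%3C!--%20note%20--%3E HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_ssi_attempts(SAMPLE_LOG):
        print(hit)
```

A hit only shows that directive syntax was submitted; whether it was processed depends on the application echoing the value into a page that `mod_include` parses.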