Bugtraq mailing list archives

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

From: terry white <twhite () aniota com>
Date: Tue, 13 Aug 2013 04:37:58 -0700 (PDT)


... ciao:

: on "8-13-2013" "Reindl Harald" writ:
: >> and so stop trying to be a smartass in topics you are clueless
: >
: > Please no personal insults

: truth != insult

   it is perhaps just me, but when i see "smartass" in an otherwise 
reasoned dialogue, "the TRUTH", is seldom if ever, my first thought.  what 
is, is a weakness in position; either with the position taken, or an 
inability to handle the frustration of holding it.
 
   in addition, clueless as a delimiter, is not absolute in discussion.  
there are times, when expertise blinds its holder to an obvious but 
counter intuitive point of view. 

   for example, i lay claim to being the icon of "clueless" when it comes 
to 'php'. i did however, "NOTICE" all the security problems showing up in 
regard to it.  AND was able to figure out, it a "RISK", no matter ""which"" 
'webserver' it services.  if i'd known more, i too, could have "blamed" 
apache ...


... it's not what you see ,
    but in stead , notice ...

Current thread:

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure, (continued)
- - - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure coderaptor (Aug 12)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Brandon M. Graves (Aug 12)
    - Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Marco Floris (Aug 13)
    - Message not available
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure George Machitidze (Aug 12)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Jeffrey Walton (Aug 12)
    - Message not available
    - Message not available
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Reindl Harald (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure coderaptor (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Reindl Harald (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure coderaptor (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Reindl Harald (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure terry white (Aug 13)
    - Message not available
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Chris Meisinger (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Jorge Dorantes (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure James Birk (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Mike Ely (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Matthew Caron (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Stefan Kanthak (Aug 13)
    - Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure Reindl Harald (Aug 13)