Full Disclosure mailing list archives

Re: Remotely exploitable b/o/f in Apache+mod_mylo

From: "GaLiaRePt" <galiarept () phreaker net>
Date: Mon, 28 Jul 2003 18:24:27 +0200

There exists a remotely exploitable buffer overflow in the mod_mylo module

for

apache.

It is a relatively obscure MySQL logging module for Apache that appears

not to

be in widespread use at present. However, it is present in the FreeBSD

ports

collection so may affect FreeBSD slighly more than Linux systems.

Advisory + exploit attached.



Exploit Sourcecode available at :
http://www.security-corporation.com/exploits-20030728-000.html

Regards,

--
GaLiaRePt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Remotely exploitable b/o/f in Apache+mod_mylo Carl Livitt (Jul 28)
- Re: Remotely exploitable b/o/f in Apache+mod_mylo GaLiaRePt (Jul 28)