Full Disclosure mailing list archives
Re: ***INTERLAND*** 's default vps PROBABLY has REMOTE COMPROMISE vulnerability
From: Liu Die Yu <liudieyu () umbrella name>
Date: Sun, 15 Aug 2004 22:38:47 +0800
thanks for pointing out the possibility of backport. interland is running freebsd4 instead of redhat linux, but there is also backport for freebsd.
i got a question here: i am the administrator of the interland VPS running apache whose version # is 1.3.22. how can i know if it has backport or not? (ah. the best direct way is to ask VPS guys by creating a support ticket. but as i said, no one responded to this question. INTERLAND guys usually respond to support ticket in 12 hours and solve problem effectively, but they failed to respond this time.)
the lumpalaya wrote:
Oh yeah, I forgot to include this link, in case it happens to be the case.. not that I would know, I don't use Interland... https://www.redhat.com/advice/speaks_backport.html
Just curious -- did you make sure to account for the fact that lots of people backport fixes so that version numbers don't always tell you that something is exploitable? (linux dists seem keen on this a lot).
INTERLAND is the most popular web hosting corporation online - even bigger than VERIO - according to 3rd-party survey.
INTERLAND's default vps PROBABLY has REMOTE COMPROMISE vulnerability. "PROBABLY" means i just checked the version # of apache, but have not exploited it yet.
when i was planning to run my webapp on INTERLAND's web server, i found the server is running apache.1.3.22 and php4.0.x. after checking security record at httpd.apache.org AND php.net, i found both apache and php contain serious vulnerabilities:
the most serious problem is critical: apache1.3.22 contains REMOTE COMPROMISE vulnerability: Apache Chunked encoding vulnerability CVE-2002-0392
i created support ticket in my account, and waited for about 36 hours, but no one responded. then i closed the ticket. it looks like the support staff don't care for remote compromise - or too busy to fix it. so INTERLAND users must download and install apache themselves.
for demonstration purpose, the following INTERLAND websites are running apache1.3.22: 209.203.227.116, 209.203.227.115, 209.203.227.114
209.203.227.117 is an exception - it's my web server with apache1.3.32 and php5 :-))))
Regards,
Liu Die Yu
http://umbrella.name/people/liu.dieyu/
UMBRELLA.NAME
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html