Full Disclosure mailing list archives
Re: Apache 1.3.29
From: "VeNoMouS" <venom () gen-x co nz>
Date: Fri, 12 Mar 2004 15:52:46 +1300
heh after the 10 or so emails i got stating almost the same thing i said it was a mates box, NOT MINE. how ever i did tell him to look at the logs and he did say there were alot of the following "\x80j\x01\x03\x01" but how can j be in there is what i dont get *shrug* ----- Original Message ----- From: "Cedric Blancher" <blancher () cartel-securite fr> To: "VeNoMouS" <venom () gen-x co nz> Cc: <full-disclosure () lists netsys com> Sent: Friday, March 12, 2004 12:13 PM Subject: Re: [Full-disclosure] Apache 1.3.29
Le jeu 11/03/2004 à 21:38, VeNoMouS a écrit :any one know if theres a new exploit for apache 1.3.29 in the wild one of my mates boxes was breached this morning by ir4dex appears they gained axx via apache then got root via mmap()Have you checked PHP and CGI stuff to see if there was a way to compromise the host using them ? They are often a valuable to gain a unpriviledged shell on web server. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EEHi! I'm your friendly neighbourhood signature virus. Copy me to your signature file and help me spread!_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apache 1.3.29 VeNoMouS (Mar 11)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)
- Re: Apache 1.3.29 d4rkgr3y (Mar 11)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)
- Re: Apache 1.3.29 d4rkgr3y (Mar 11)
- Re: Apache 1.3.29 Cedric Blancher (Mar 11)
- Re: Apache 1.3.29 VeNoMouS (Mar 11)
- Re: Apache 1.3.29 worldi (Mar 12)
- Re: Apache 1.3.29 VeNoMouS (Mar 11)
- <Possible follow-ups>
- Re: Apache 1.3.29 bart2k (Mar 12)
- Re: Apache 1.3.29 Jarrod SMith (Mar 11)