Information Security News mailing list archives

Re: Free tool: apache chunked vulnerability scanner


From: InfoSec News <isn () c4i org>
Date: Tue, 25 Jun 2002 06:49:25 -0500 (CDT)

Forwarded from: Joshua Levitsky <jlevitsk () joshie com>

Also the tool is completely useless to those of us running 1.3.23 with
a backport of the 1.3.26 fix... but that only includes Red Hat and
Mandrake users... how many of them could there be out there? Honestly
I was disappointed when I ran the scan and figured out all it was
doing was checking the version of apache from the header. To me that
isn't a test of anything. It's sad because I normally like stuff from
eEye. It would be nice if eEye made something that would really test
for the exploit since this is such a dangerous flaw in Apache.

--
Joshua Levitsky, MCSE, CISSP, EMTD
Desktop Systems Engineer
AOL Time Warner


----- Original Message -----
From: "InfoSec News" <isn () c4i org>
To: <isn () attrition org>
Sent: Monday, June 24, 2002 5:35 AM
Subject: RE: [ISN] Free tool: apache chunked vulnerability scanner


Forwarded from: "Marc Maiffret" <marc () eeye com>
Cc: "Greg Broiles" <gbroiles () parrhesia com>

Yes, the tool is non-intrusive. Thanks for pointing that out. We'll
update the site.


Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities


| -----Original Message-----
| From: Greg Broiles [mailto:gbroiles () parrhesia com]
| Sent: Friday, June 21, 2002 10:07 AM
| To: isn () attrition org; marc () eeye com
| Subject: Re: [ISN] Free tool: apache chunked vulnerability scanner
|
|
| Marc Maiffret wrote:
|
| >We released a free tool tonight to scan for the recent Apache chunked
| >encoding vulnerability.
| >
| >You can download it from:
| >http://www.eeye.com/html/Research/Tools/apachechunked.html
|
| Wouldn't it be more accurate to say that you've released a free
| tool which scans HTTP headers for Apache version numbers, and then
| reports servers as vulnerable if they report running a version which,
| if unpatched, would be vulnerable?
|
| Now, that's a very helpful program, but it's not really the same thing
| as scanning for the vulnerability itself.
|
|
| --
| Greg Broiles -- gbroiles () parrhesia com -- PGP 0x26E4488c or 0x94245961
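To illustrate Greg's description of how the tool works (and Joshua's backport complaint), here is an added banner classifier; it is not part of the thread or eEye's tool. The Server banners are constructed samples, the vendor tokens and the 2.0.39 fixed version for the 2.0 branch are assumptions (the thread itself names only 1.3.26).

```python
import re
from collections import Counter

# Upstream versions carrying the chunked-encoding fix. 1.3.26 is stated in
# the thread; 2.0.39 for the 2.0 branch is an assumption, not from the thread.
FIXED = {1: (1, 3, 26), 2: (2, 0, 39)}

# Vendor tokens seen in Server banners (assumed). Red Hat and Mandrake shipped
# backported fixes under the old version number, as the thread notes, so a
# version match alone cannot decide whether such a host is patched.
BACKPORT_VENDORS = ("Red-Hat", "Mandrake")

_VER = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")

# Constructed sample banners, one per situation a version-only check meets.
SAMPLE_BANNERS = [
    "Apache/1.3.26 (Unix)",                    # upstream fixed release
    "Apache/1.3.24 (Unix)",                    # unpatched upstream build
    "Apache/1.3.23 (Unix)  (Red-Hat/Linux)",   # old number, vendor backport
    "Apache/2.0.36 (Unix)",                    # unpatched 2.0 branch build
    "Apache",                                  # banner trimmed (ServerTokens Prod)
    "Microsoft-IIS/5.0",                       # not Apache at all
]


def classify_banner(server_header):
    """Classify a Server: header value the way a banner-only scanner would,
    but name the cases where the banner cannot answer the question."""
    m = _VER.search(server_header)
    if not m:
        return "not-apache" if "Apache" not in server_header else "unparseable"
    ver = tuple(int(x) for x in m.groups())
    fixed = FIXED.get(ver[0])
    if fixed is None:
        return "unknown-branch"
    if ver >= fixed:
        return "fixed"
    if any(v in server_header for v in BACKPORT_VENDORS):
        return "inconclusive-backport"   # Joshua's case: may well be patched
    return "vulnerable-by-version"       # still only a guess from the banner


def summarize(banners):
    """Count classifications across an inventory of banners."""
    return dict(Counter(classify_banner(b) for b in banners))


if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(f"{b!r:45} -> {classify_banner(b)}")
```

Every result other than "fixed" is a prompt for follow-up (vendor advisory, package version, or a safe functional test), not a finding in itself.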


