Metasploit mailing list archives

apache mod_rewrite

From: omen at mysec.org (Omen)
Date: Sat, 30 Sep 2006 03:02:32 +0800

Mostly on our gov office use this for their local network use. I dont 
know about others.. maybe you guys wanna say something..

H D Moore wrote:

Can you think of a case where this exploit is useful? How many people have 
mod_rewrite and mod_ldap enabled? Any pen-testers want to share stats on 
the prevalence of this flaw?

-HD

On Friday 29 September 2006 13:38, Omen wrote:

Hey guys,

Does anyone out there free to write this sploit on 2.6? I believe
theres a PoC at
http://milw0rm.com/exploits/2237

Current thread:

apache mod_rewrite Omen (Sep 29)
- apache mod_rewrite H D Moore (Sep 29)
  - apache mod_rewrite Omen (Sep 29)
    - apache mod_rewrite Tomas L. Byrnes (Sep 29)
    - apache mod_rewrite Giuseppe Senese (Sep 29)
    - apache mod_rewrite Giuseppe Senese (Sep 29)