Penetration Testing mailing list archives
Re: Default Apache install w/ mods
From: H D Moore <hdm () digitaloffense net>
Date: Mon, 17 Dec 2001 11:35:53 -0600
On Friday 14 December 2001 02:12 pm, security curmudgeon wrote:
I am going up against what looks like a standard Apache install with the following mods: Apache/1.3.22 (unix) mod_perl/1.26 mod_fastcgi mod_ssl/2.8.5 OpenSSL/0.9.6b Sorry for the basic question. Any help would be appreciated.off a default 1.3.22 install /usr/local/apache/cgi-bin/printenv /usr/local/apache/cgi-bin/test-cgi you really should get access to a unix box in order to install packages like this. will greatly assist you in figuring out default settings.
In the _source_ distribution, those CGI's exist but are not executable, so you just get a 403 error if you try to access them. Binary/Dsitribution/OS specific installs may be different. -HD ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Default Apache install w/ mods Tim Russo (Dec 14)
- Re: Default Apache install w/ mods security curmudgeon (Dec 17)
- Re: Default Apache install w/ mods H D Moore (Dec 17)
- <Possible follow-ups>
- Re: Default Apache install w/ mods Nicolas Gregoire (Dec 17)
- Re: Default Apache install w/ mods security curmudgeon (Dec 17)