Vulnerability Development mailing list archives
Re: Apache ap_getpass vulnerability
From: Simon Tamás <simont () westel900 hu>
Date: Thu, 6 Jan 2000 21:42:50 +0100
Pavel Kankovsky wrote:
On Sun, 2 Jan 2000, Simon Tamás wrote:Unless this is done somebody who gets access to the webserver machine, and therefore can read the private-key file, can also crash the Apache in such a way that he can read the password from memory. All he has to know is where the static char* inside getpass is in memory.The same memory space where the decrypted private key is stored and ready to be extracted the same way you would extract the password, right?
One shouldn't store the decrypted private key in memory. Instead the encrypted private key and the pass phrase should be stored. More important than this, these values can be discarded as soon as not needed. - after the initial handshake I also think it's easier to find in memory something that's part of the system's core than something part of an application. (I might be wrong...) S.T.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Attachment:
simont.vcf
Description: Card for Simon Tamás
Current thread:
- Apache ap_getpass vulnerability Simon Tamás (Nov 02)
- Re: Apache ap_getpass vulnerability Jon Paul, Nollmann (Nov 03)
- Re: Apache ap_getpass vulnerability Simon Tamás (Nov 03)
- Re: Apache ap_getpass vulnerability Jon Paul, Nollmann (Nov 04)
- Re: Apache ap_getpass vulnerability Pavel Kankovsky (Nov 05)
- Re: Apache ap_getpass vulnerability Simon Tamás (Nov 07)
- Re: Apache ap_getpass vulnerability Peter Pentchev (Nov 05)
- Re: Apache ap_getpass vulnerability Simon Tamás (Nov 04)
- Re: Apache ap_getpass vulnerability Peter Pentchev (Nov 05)
- Re: Apache ap_getpass vulnerability Carson Gaspar (Nov 06)
- Re: Apache ap_getpass vulnerability Jon Paul, Nollmann (Nov 06)
- Re: Apache ap_getpass vulnerability Carson Gaspar (Nov 06)
- Re: Apache ap_getpass vulnerability Michael H. Warfield (Nov 07)
- Re: Apache ap_getpass vulnerability Jon Paul, Nollmann (Nov 07)
- Re: Apache ap_getpass vulnerability Lincoln Yeoh (Nov 08)
- Re: Apache ap_getpass vulnerability Bluefish (P.Magnusson) (Nov 10)
- Re: Apache ap_getpass vulnerability Simon Tamás (Nov 03)
- Re: Apache ap_getpass vulnerability Jon Paul, Nollmann (Nov 03)