Vulnerability Development mailing list archives

Re: Apache exploit or stupid script kiddie?

From: "dove" <dove () freemail absa co za>
Date: Tue, 11 Sep 2001 11:59:20 +0200

howdy,

We had YASK (yet another script kiddie) join #linux on efnet tonight

asking for a patch for the new

apache exploit, knowing of no recent exploit I convinced him to try it on

my machine, he claimed

all he had was a binary compiled to only work on his machine (possible).

He tried it and messaged

me this:

 [root@hisbox /]# ./apex x.x.x.x
 -= FtSoK 0wnz =-
 Checking daemon version...: Apache/1.3.19 (Unix)
 Attempting to compromise..: x.x.x.x
 Remote system is..........: Linux. (Red-Hat/Linux)
 Connected! ...but not vulnerable.


Where x.x.x.x is the address of my machine, I was packet logging (tcpdump)

but came up with nothing

out of the ordinary, perhaps someone else knows more.


Matthew S. Hallacy
\


you could customize your apache to not supply it's version and/or os or
to give out incorrect info (mine says IIS and doze !! on netcraft - check
google ) i also only know of directory transversal but want to look at
auth properly when i have time.

doVe

Current thread:

Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 10)
- Re: Apache exploit or stupid script kiddie? dove (Sep 11)
- Re: Apache exploit or stupid script kiddie? jove (Sep 11)
- Re: Apache exploit or stupid script kiddie? Matthew S. Hallacy (Sep 12)
- <Possible follow-ups>
- RE: Apache exploit or stupid script kiddie? auto241065 (Sep 11)