RE: Bug in Apache 1.3.20 Server - Hackemate Research

[Ron DuFresne <dufresne () winternet com>]

On Mon, 24 Sep 2001, Keith.Morgan wrote:

> I have some questions in-line:
>
> > -----Original Message-----
> > From: Hackemate.com.ar [mailto:hackemate () softhome net]
> > Sent: Friday, September 21, 2001 11:58 PM
> > To: vuln-dev () securityfocus com; incidents () securityfocus com
> > Subject: Bug in Apache 1.3.20 Server - Hackemate Research
> >
> >
> > This bug (?) affects: Apache/1.3.20 Server
> >
> >         While, updating my site and checking out some things and
> > directories, I discovered something pretty interesting in the tmp
> > directory, there were three files, one with a "sem" extension and
> > the other two ones without anyone.
> >
> > Files in Tmp directory:
> >
> > · sess_0af4137ea55aa752a12971b3145d815b
> > · sess_b2e462409e859648ae96a2da84dc03ce
> > · session_mm.sem

These are apache related logs, when apapche is compiled to use the mm
memory handler, and perhaps compiled with ssl support.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.