Vulnerability Development mailing list archives
Re: exploit code targeting OpenSSL and Mod_SSL ?
From: "Geoffroy Raimbault" <graimbault () lynx-technologies com>
Date: Tue, 15 Apr 2003 18:19:16 +0200
Take a look at this page : http://lists.netsys.com/pipermail/full-disclosure/2002-September/001913.html It's an exploit for the KEY_ARG heap overflow in mod_ssl under Apache written by Solar Eclipse. It is provided with a good documentation on how to exploit the vulnerability. Regards, Geoffroy Raimbault Information Security Consultant http://www.lynx-technologies.com ----- Original Message ----- From: "John" <johnccosta () yahoo ca> To: <vuln-dev () securityfocus com> Sent: Tuesday, April 15, 2003 4:18 AM Subject: exploit code targeting OpenSSL and Mod_SSL ?
Is anyone aware of the existence of exploit code in the wild that is currently targeting OpenSSL and Mod_SSL vulnerabilities? Tx John
Current thread:
- exploit code targeting OpenSSL and Mod_SSL ? John (Apr 15)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Joe Stewart (Apr 15)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Simayi (Apr 17)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Geoffroy Raimbault (Apr 15)
- <Possible follow-ups>
- RE: exploit code targeting OpenSSL and Mod_SSL ? Don Sauer (Apr 15)
- RE: exploit code targeting OpenSSL and Mod_SSL ? Arne Ansper (Apr 16)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Joe Stewart (Apr 15)