[4052] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Bug in apache httpd 1.1.3

daemon@ATHENA.MIT.EDU (Mihai Ibanescu)
Sun Feb 16 22:24:42 1997

Date: 	Sun, 16 Feb 1997 15:28:40 +0200
Reply-To: Mihai Ibanescu <misa@THOR.INFOIASI.RO>
From: Mihai Ibanescu <misa@THOR.INFOIASI.RO>
To: BUGTRAQ@netspace.org

        Hello!

        I noticed something interesting on my RedHat linux system (and on
some other linuxes).
        httpd creates a file /tmp/apache_status, and follows blindly any
link if /tmp/apache_status points somewhere, for instance /etc/passwd. So
one can overwrite any file in the system. If she is able to create such a
link, and I don't think that's impossible.
        The funny thing is that I have apache 1.1.3 installed on a SPARC
Solaris, and the problem doesn't exist there. So am I paranoid, or is
there a problem in the Apache server?

                                                Misa

Department of Computer Science          Mihai Ibanescu
"Al. I. Cuza" Univ. of Iasi             e-mail: misa@infoiasi.ro
Romania                                 http://www.infoiasi.ro/~misa


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4052] in bugtraq

Bug in apache httpd 1.1.3

daemon@ATHENA.MIT.EDU (Mihai Ibanescu)Sun Feb 16 22:24:42 1997

daemon@ATHENA.MIT.EDU (Mihai Ibanescu)
Sun Feb 16 22:24:42 1997