[27030] in bugtraq
Re: bugtraq.c httpd apache ssl attack
daemon@ATHENA.MIT.EDU (The Little Prince)
Fri Sep 13 14:35:50 2002
Date: Fri, 13 Sep 2002 10:11:53 -0700 (PDT)
From: The Little Prince <thelittleprince@asteroid-b612.org>
To: Fernando Nunes <fmcn@netcabo.pt>
In-Reply-To: <20020913135517.28304.qmail@mail.securityfocus.com>
Message-ID: <Pine.LNX.4.33.0209131009250.8739-100000@stevenjude2.compustrat.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
too easy to chmod 700 gcc to lock it to root?
obviously not as a TOTAL fix
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
thelittleprince@asteroid-b612.org http://www.asteroid-b612.org
"Every day should be a good day to die" -DJM
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On 13 Sep 2002, Fernando Nunes wrote:
>
>
> I am using RedHat 7.3 with Apache 1.3.23. Someone used the
> program "bugtraq.c" to explore an modSSL buffer overflow to get access to
> a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it
> using gcc. The program is started with another computer ip address as
> argument. All computer files that the user "apache" can read are exposed.
> The program attacks the following Linux distributions:
>
> Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
> SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
> Mandrake: 1.3.14,1.3.19
> Slakware: Apache 1.3.26
>
> Regards
> Fernando Nunes
> Portugal
>
>
--
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
thelittleprince@asteroid-b612.org http://www.asteroid-b612.org
"Every day should be a good day to die" -DJM
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
