[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FW: Remote Apache 1.3.x Exploit
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: FW: Remote Apache 1.3.x Exploit
- From: Han <han_(_at_)_mijncomputer_(_dot_)_nl>
- Date: Thu, 20 Jun 2002 12:51:56 +0200
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
lars_(_dot_)_fricke_(_at_)_web_(_dot_)_de (lars_(_dot_)_fricke_(_at_)_web_(_dot_)_de) wrote:
> > It's with commented sources and claims to open a root-shell on
> > OpenBSD with httpd unpatched. The devoloper claims that he worked
> > close to two month until now to exploit various OS with this bug.
> One correction: It seems to open a shell with 'nobody' rights (httpd)
> and then advises to use a local root exploit to gain root.
I tried it on two servers, but nothing happened.
Visit your host, monkey.org