[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: Remote Apache 1.3.x Exploit

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: FW: Remote Apache 1.3.x Exploit
From: Han <han_(_at_)_mijncomputer_(_dot_)_nl>
Date: Thu, 20 Jun 2002 12:51:56 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

lars_(_dot_)_fricke_(_at_)_web_(_dot_)_de (lars_(_dot_)_fricke_(_at_)_web_(_dot_)_de) wrote:
>
> > It's with commented sources and  claims  to  open  a  root-shell  on
> > OpenBSD with httpd unpatched. The devoloper claims  that  he  worked
> > close to two month until now to exploit various OS with this bug.
>
> One correction: It seems to open a shell with 'nobody' rights  (httpd)
> and then advises to use a local root exploit to gain root.

I tried it on two servers, but nothing happened.



Cya, Han.

References:
- Re: FW: Remote Apache 1.3.x Exploit
  - From: lars.fricke

Prev by Date: XF4 and intel i810 card. (Will be supported by XF4?)
Next by Date: Re: pf.conf: broadcast and network address filtering + "no-route" key word
Previous by thread: Re: FW: Remote Apache 1.3.x Exploit
Next by thread: Re: FW: Remote Apache 1.3.x Exploit
Index(es):
- Date
- Thread

Visit your host, monkey.org