Forwarded from: Joshua Levitsky <jlevitsk@joshie.com>

Also the tool is completely useless to those of us running 1.3.23 with a backport of the 1.3.26 fix... but that only includes Red Hat and Mandrake users... how many of them could there be out there?

Honestly I was disappointed when I ran the scan and figured out all it was doing was checking the version of apache from the header. To me that isn't a test of anything. It's sad because I normally like stuff from eEye. It would be nice if eEye made something that would really test for the exploit since this is such a dangerous flaw in Apache.

--
Joshua Levitsky, MCSE, CISSP, EMTD
Desktop Systems Engineer
AOL Time Warner

----- Original Message -----
From: "InfoSec News" <isn@c4i.org>
To: <isn@attrition.org>
Sent: Monday, June 24, 2002 5:35 AM
Subject: RE: [ISN] Free tool: apache chunked vulnerability scanner

> Forwarded from: "Marc Maiffret" <marc@eeye.com>
> Cc: "Greg Broiles" <gbroiles@parrhesia.com>
>
> Yes, the tool is non-intrusive. Thanks for pointing that out. We'll
> update the site.
>
> Signed,
> Marc Maiffret
> Chief Hacking Officer
> eEye Digital Security
> T.949.349.9062
> F.949.349.9538
> http://eEye.com/Retina - Network Security Scanner
> http://eEye.com/Iris - Network Traffic Analyzer
> http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
>
> | -----Original Message-----
> | From: Greg Broiles [mailto:gbroiles@parrhesia.com]
> | Sent: Friday, June 21, 2002 10:07 AM
> | To: isn@attrition.org; marc@eeye.com
> | Subject: Re: [ISN] Free tool: apache chunked vulnerability scanner
> |
> | Marc Maiffret wrote:
> |
> | >We released a free tool tonight to scan for the recent Apache chunked
> | >encoding vulnerability.
> | >
> | >You can download it from:
> | >http://www.eeye.com/html/Research/Tools/apachechunked.html
> |
> | Wouldn't it be more accurate to say that you've released a free
> | tool which scans HTTP headers for Apache version numbers, and then
> | reports servers as vulnerable if they report running a version which,
> | if unpatched, would be vulnerable?
> |
> | Now, that's a very helpful program, but it's not really the same thing
> | as scanning for the vulnerability itself.
> |
> | --
> | Greg Broiles -- gbroiles@parrhesia.com -- PGP 0x26E4488c or 0x94245961

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
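The point both Broiles and Levitsky make is that a banner-based check reads the version string a server advertises and infers patch state from it, which misclassifies vendor builds that carry a backported fix (Levitsky's 1.3.23 with the 1.3.26 fix) and says nothing at all about a server that hides its version. The following is an added illustration of that limitation, not code from eEye's tool or from anyone on the thread: it parses a `Server:` header the way such a scanner would and shows where the verdict has to stop at "possibly". The only version fact taken from the thread is that 1.3.26 contains the fix; the sample banners, the vendor-tag list, and the verdict labels are constructed for the example.

```python
import re

# From the thread: Apache 1.3.26 is the release that contains the fix.
# Only the 1.3 branch is classified here; other branches are marked out of scope.
FIXED_1_3 = (1, 3, 26)

# Constructed: vendor tags that distributions append to the Apache banner.
# Levitsky's point is that such builds may carry a backported fix while
# still advertising the older upstream version number.
BACKPORT_VENDOR_TAGS = ("Red-Hat", "Mandrake")

_VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")


def parse_apache_version(server_header):
    """Return (major, minor, patch) from a Server: header, or None.

    Returns None when the header carries no version, e.g. a server
    configured with 'ServerTokens Prod' advertises only 'Apache'.
    """
    m = _VERSION_RE.search(server_header)
    if m is None:
        return None
    return tuple(int(part) for part in m.groups())


def classify_by_banner(server_header):
    """Classify a server purely from its advertised version string.

    The verdicts are deliberately hedged: a banner check can say what the
    server claims to run, not whether the chunked-encoding fix is present.
    """
    version = parse_apache_version(server_header)
    if version is None:
        # No version advertised: a banner scanner learns nothing here.
        return "unknown-no-version-in-banner"
    if version[:2] != (1, 3):
        return "out-of-scope-branch"
    if version >= FIXED_1_3:
        return "not-vulnerable-by-banner"
    if any(tag in server_header for tag in BACKPORT_VENDOR_TAGS):
        # Older upstream number plus a vendor tag: the fix may have been
        # backported, so a banner check cannot call this vulnerable.
        return "possibly-backported-fix"
    return "possibly-vulnerable-if-unpatched"


def scan_banners(banners):
    """Run the banner check over a list of Server: header values."""
    return {banner: classify_by_banner(banner) for banner in banners}


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "Apache/1.3.26 (Unix)",
        "Apache/1.3.23 (Unix) (Red-Hat/Linux)",
        "Apache/1.3.20 (Unix)",
        "Apache",
        "Apache/2.0.36 (Unix)",
    ]
    for banner, verdict in scan_banners(samples).items():
        print(f"{banner!r:45} -> {verdict}")
```

Every verdict other than the two "possibly" ones is still only as good as the banner: an administrator can set `ServerTokens Prod` or rewrite the header, and a vendor build can carry the fix under the old number. That is exactly why the thread distinguishes a header scan from a test of the vulnerability itself.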
This archive was generated by hypermail 2b30 : Tue Jun 25 2002 - 07:52:58 PDT