bugtraq.c httpd apache ssl attack

From: Fernando Nunes (fmcnat_private)
Date: Fri Sep 13 2002 - 06:55:17 PDT

Next message: Ben Laurie: "OpenSSL worm in the wild"

Previous message: Russell Garrett: "Re: Multiple vulnerabilities in Avaya Argent Office"
Next in thread: adamkujat_private: "Re: bugtraq.c httpd apache ssl attack"
Reply: Fernando Nunes: "Re: bugtraq.c httpd apache ssl attack"
Reply: Ben Kittridge: "Re: bugtraq.c httpd apache ssl attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) I am using RedHat 7.3 with Apache 1.3.23. Someone used the program "bugtraq.c" to explore an modSSL buffer overflow to get access to a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it using gcc. The program is started with another computer ip address as argument. All computer files that the user "apache" can read are exposed. The program attacks the following Linux distributions: Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26 SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23 Mandrake: 1.3.14,1.3.19 Slakware: Apache 1.3.26 Regards Fernando Nunes Portugal

Next message: Ben Laurie: "OpenSSL worm in the wild"
Previous message: Russell Garrett: "Re: Multiple vulnerabilities in Avaya Argent Office"
Next in thread: adamkujat_private: "Re: bugtraq.c httpd apache ssl attack"
Reply: Fernando Nunes: "Re: bugtraq.c httpd apache ssl attack"
Reply: Ben Kittridge: "Re: bugtraq.c httpd apache ssl attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 13 2002 - 10:18:08 PDT