What happens when you run a chunked encoding exploit against it? If you don't get a response and your connection is suddenly terminated, it's vulnerable. I would not consider the server "safe" just because no one has posted exploit code for it to bugtraq either. Kevin Spett SPI Labs http://www.spidynamics.com/ ----- Original Me0ssage ----- From: <r00tat_private> To: <pen-testat_private> Sent: Tuesday, August 13, 2002 8:10 AM Subject: Apache Chunked Encoding Vulnerability on AIX (RS6000) > > Hi All, > > I am currently pen-testing an AIX platform, which utilises Apache and IBM HTTP > server in order to communicate with a back-end AS400 enviornment. > > I have scanned the remote host with the eeye tool Retina - Apache Chunked > scanner V 1,0,3, which reports the host vulnerable. > > It would appear the tool attempts to exploit the vulnerability by attempting to > send a small request that makes a vulnerable server to become unresponsive. > > Would I be right to say that this vulnerability is not exploitable on an RS6000 > platform, given the current exploits in the wild, and the eeye tool is again > producing false positives ???????? > > Any help is very much appreciated. > > Thanks in advance. > > > ./Mark > > > PS: SF Bid number = BID 5033 > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Aug 14 2002 - 13:00:44 PDT