Fwd: bugtraq.c httpd apache ssl attack] (fwd)

Attachments:
Message as email (text/plain)

Author: Matt Alexander
Date:
Subject: Fwd: bugtraq.c httpd apache ssl attack] (fwd)

---------- Forwarded message ----------
Date: Fri, 13 Sep 2002 10:47:05 -0700
From: Stafford A. Rau <srau@rauhaus.org>
Reply-To: plug@lists.pdxlinux.org
To: plug@lists.pdxlinux.org
Subject: [PLUG] [plhofmei@zionlth.org: Fwd: bugtraq.c httpd apache ssl
    attack]

Here's more info about what looks to be a modssl compromise.

--Stafford

----- Forwarded message from Phillip Hofmeister <plhofmei@zionlth.org> -----

Date: Fri, 13 Sep 2002 13:25:28 -0400
From: Phillip Hofmeister <plhofmei@zionlth.org>
To: debian-security@lists.debian.org
Subject: Fwd: bugtraq.c httpd apache ssl attack
Message-ID: <20020913172528.GA12508@zionlth.org>
User-Agent: Mutt/1.4i
X-Mailing-List: <debian-security@lists.debian.org> archive/latest/8890

Even through we are not mentioned are we vulnerable to this attack?

----- Forwarded message from Fernando Nunes <fmcn@netcabo.pt> -----

Envelope-to: plhofmei@zionlth.org
Delivery-date: Fri, 13 Sep 2002 13:20:23 -0400
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Date: 13 Sep 2002 13:55:17 -0000
X-Mailer: MIME-tools 5.411 (Entity 5.404)
From: Fernando Nunes <fmcn@netcabo.pt>
To: bugtraq@securityfocus.com
Subject: bugtraq.c httpd apache ssl attack

I am using RedHat 7.3 with Apache 1.3.23. Someone used the
program "bugtraq.c" to explore an modSSL buffer overflow to get access to
a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it
using gcc. The program is started with another computer ip address as
argument. All computer files that the user "apache" can read are exposed.
The program attacks the following Linux distributions:

Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
Mandrake: 1.3.14,1.3.19
Slakware: Apache 1.3.26

Regards
Fernando Nunes
Portugal

----- End forwarded message -----

--
Phil

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import

XP Source Code:

#include <win2k.h>
#include <extra_pretty_things_with_bugs.h>
#include <more_bugs.h>
#include <require_system_activation.h>
#include <phone_home_every_so_often.h>
#include <remote_admin_abilities_for_MS.h>
#include <more_restrictive_EULA.h>
#include <sell_your_soul_to_MS_EULA.h>
//os_ver="Windows 2000"
os_ver="Windows XP"

--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

----- End forwarded message -----

_______________________________________________
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug

This message is part of the following thread:
	the complete thread tree sorted by date