Even through we are not mentioned are we vulnerable to this attack? ----- Forwarded message from Fernando Nunes <[EMAIL PROTECTED]> -----
Envelope-to: [EMAIL PROTECTED] Delivery-date: Fri, 13 Sep 2002 13:20:23 -0400 Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:[EMAIL PROTECTED]> List-Unsubscribe: <mailto:[EMAIL PROTECTED]> List-Subscribe: <mailto:[EMAIL PROTECTED]> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Date: 13 Sep 2002 13:55:17 -0000 X-Mailer: MIME-tools 5.411 (Entity 5.404) From: Fernando Nunes <[EMAIL PROTECTED]> To: bugtraq@securityfocus.com Subject: bugtraq.c httpd apache ssl attack I am using RedHat 7.3 with Apache 1.3.23. Someone used the program "bugtraq.c" to explore an modSSL buffer overflow to get access to a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it using gcc. The program is started with another computer ip address as argument. All computer files that the user "apache" can read are exposed. The program attacks the following Linux distributions: Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26 SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23 Mandrake: 1.3.14,1.3.19 Slakware: Apache 1.3.26 Regards Fernando Nunes Portugal ----- End forwarded message ----- -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import XP Source Code: #include <win2k.h> #include <extra_pretty_things_with_bugs.h> #include <more_bugs.h> #include <require_system_activation.h> #include <phone_home_every_so_often.h> #include <remote_admin_abilities_for_MS.h> #include <more_restrictive_EULA.h> #include <sell_your_soul_to_MS_EULA.h> //os_ver="Windows 2000" os_ver="Windows XP"