hi KingCope the one of security features in hosting servers is : dont allow to .htaccess override from users for doing this features in httpd.conf you can use *AllowOverride None* instead of *AllowOverride all* ​with this feature you can not use this bug. tnx
On Wed, Aug 7, 2013 at 8:38 PM, king cope < isowarez.isowarez.isowa...@googlemail.com> wrote: > hi... > I posted the advisory to make administratos aware that it will be > still possible to read files with the apache uid even when suEXEC is > in place. > suEXEC is installed on many hosting providers. I read the cpanel site > describing the patches [1], tough standart apache httpd does not have > these patches installed. > SymLinksIfOwnerMatch will not help in this attack scenario because the > .htaccess file overwrites this Options directive. > If a hacker sees an apache installation using suEXEC from an attackers > perspective it does not matter where the bug resides, either in Apache > or in suEXEC. He just wants to circumvent the suEXEC protection so he > can go the way described in the text I posted. This will aid him to > escalate privileges further. > > > http://docs.cpanel.net/twiki/bin/vief/EasyApache/Apache/SymlinkPatch#Frequently%20Asked%20Questions >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
