Le jeu 11/03/2004 à 21:38, VeNoMouS a écrit : > any one know if theres a new exploit for apache 1.3.29 in the wild one > of my mates boxes was breached this morning by ir4dex appears they > gained axx via apache then got root via mmap()
Have you checked PHP and CGI stuff to see if there was a way to compromise the host using them ? They are often a valuable to gain a unpriviledged shell on web server. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
