Re: bugtraq.c httpd apache ssl attack

From: The Little Prince (thelittleprince@asteroid-b612.org)
Date: 09/13/02

• Previous message: Dave Ahmad: "Re: OpenSSL worm in the wild"
• In reply to: Fernando Nunes: "bugtraq.c httpd apache ssl attack"
• Next in thread: adamkuj@gatordog.com: "Re: bugtraq.c httpd apache ssl attack"
• Reply: adamkuj@gatordog.com: "Re: bugtraq.c httpd apache ssl attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 13 Sep 2002 10:11:53 -0700 (PDT)
From: The Little Prince <thelittleprince@asteroid-b612.org>
To: Fernando Nunes <fmcn@netcabo.pt>

too easy to chmod 700 gcc to lock it to root?
obviously not as a TOTAL fix

-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
thelittleprince@asteroid-b612.org http://www.asteroid-b612.org

             "Every day should be a good day to die" -DJM
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.

On 13 Sep 2002, Fernando Nunes wrote:

>
>
> I am using RedHat 7.3 with Apache 1.3.23. Someone used the
> program "bugtraq.c" to explore an modSSL buffer overflow to get access to
> a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it
> using gcc. The program is started with another computer ip address as
> argument. All computer files that the user "apache" can read are exposed.
> The program attacks the following Linux distributions:
>
> Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26
> SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23
> Mandrake: 1.3.14,1.3.19
> Slakware: Apache 1.3.26
>
> Regards
> Fernando Nunes
> Portugal
>
>

-- 
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco                            Network Administrator/Engineer
thelittleprince@asteroid-b612.org              http://www.asteroid-b612.org
             "Every day should be a good day to die"   -DJM
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.

---

• Previous message: Dave Ahmad: "Re: OpenSSL worm in the wild"
• In reply to: Fernando Nunes: "bugtraq.c httpd apache ssl attack"
• Next in thread: adamkuj@gatordog.com: "Re: bugtraq.c httpd apache ssl attack"
• Reply: adamkuj@gatordog.com: "Re: bugtraq.c httpd apache ssl attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Apache Configure issue in Solaris 8 ... I am trying to configure Apache in solaris 8 system. ... I do have installed GCC, binutils, expat, ... uname -m = sun4u ... BusType = <unknown> ... (SunManagers) Re: configure: error: C compiler cannot create executables ... I've installed gcc from sunfreeware, ... Configuring Apache Portable Runtime library ... ... checking for C compiler default output file name... ... BusType = <unknown> ... (comp.unix.solaris) configure: error: C compiler cannot create executables ... I've installed gcc from sunfreeware, ... Configuring Apache Portable Runtime library ... ... checking for C compiler default output file name... ... BusType = <unknown> ... (comp.unix.solaris) Re: mod_jk2 build error Tomcat+Apache ... > assumes you are using the sun compiler and passes the wrong swtiches to ... Thanks for the note Alex. ... compiler used by apache: gcc ... (comp.unix.solaris) Installation problem: apxs not found ... I have a RHLinux 9 box running Apache httpd 2.0.40 and MySQL ... checking for gcc... ... checking whether the C compiler is a cross-compiler... ... I was not able to successfully run APXS. ... (comp.lang.php)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2002-09