Re: Default Apache install w/ mods
From: H D Moore (hdm@digitaloffense.net)Date: 12/17/01
- Previous message: Scalise, Marzio: "htp.print in pen-test"
- In reply to: security curmudgeon: "Re: Default Apache install w/ mods"
- Next in thread: Nicolas Gregoire: "Re: Default Apache install w/ mods"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: H D Moore <hdm@digitaloffense.net> To: security curmudgeon <jericho@attrition.org>, Tim Russo <trusso@wireguided.com> Date: Mon, 17 Dec 2001 11:35:53 -0600
On Friday 14 December 2001 02:12 pm, security curmudgeon wrote:
> > I am going up against what looks like a standard Apache install with the
> > following mods:
> >
> > Apache/1.3.22 (unix) mod_perl/1.26 mod_fastcgi mod_ssl/2.8.5
> > OpenSSL/0.9.6b
> > Sorry for the basic question. Any help would be appreciated.
>
> off a default 1.3.22 install
> /usr/local/apache/cgi-bin/printenv
> /usr/local/apache/cgi-bin/test-cgi
>
> you really should get access to a unix box in order to install packages
> like this. will greatly assist you in figuring out default settings.
In the _source_ distribution, those CGI's exist but are not executable, so
you just get a 403 error if you try to access them. Binary/Dsitribution/OS
specific installs may be different.
-HD
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Scalise, Marzio: "htp.print in pen-test"
- In reply to: security curmudgeon: "Re: Default Apache install w/ mods"
- Next in thread: Nicolas Gregoire: "Re: Default Apache install w/ mods"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
