Bug in Apache 1.3.20 Server - Hackemate Research

From: Hackemate.com.ar (hackemate@softhome.net)
Date: 09/22/01


Date: Sat, 22 Sep 2001 00:58:25 -0300
From: "Hackemate.com.ar" <hackemate@softhome.net>
Message-ID: <1540.010922@softhome.net>
To: vuln-dev@securityfocus.com, incidents@securityfocus.com
Subject: Bug in Apache 1.3.20 Server - Hackemate Research

This bug (?) affects: Apache/1.3.20 Server

        While updating my site and checking out some things and
directories, I discovered something pretty interesting in the tmp
directory: there were three files, one with a "sem" extension and
the other two without any.

Files in Tmp directory:

· sess_0af4137ea55aa752a12971b3145d815b
· sess_b2e462409e859648ae96a2da84dc03ce
· session_mm.sem

Content of file "sess_0af4137ea55aa752a12971b3145d815b"

username|s:9:"matt";password|s:9:"secret";!status|lastlist|s:4:"acct";domain|s:16:"host";

As soon as I read it I realised it is nothing more and nothing less than
the server username and password to log in in PLAIN TEXT!
Obviously I changed it, where "matt" is the real username and "SECRET" the password.

Content of file "sess_b2e462409e859648ae96a2da84dc03ce"

username|s:9:"USERname";password|s:9:"password";!status|lastlist|s:4:"acct";domain|s:16:"host";

The last file "session_mm.sem" was empty

Research by WWW.HACKEMATE.COM <-- Contrasecurity Online

KerozenE 1999-2001 c0oL!
ICQ: 78480975
*********************************
Webmaster of www.hackemate.com.ar
hackemate@softhome.net
*********************************
Moderator of the Security Mailing
http://www.eListas.net/lista/hackemate/alta
hackemate-alta@Elistas.net
*********************************
Editor of the EZine HC&KTM
http://www.hackemate.com.ar
hackemate-alta@Elistas.net
*********************************
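
Added example, not part of the original post: an audit sketch for the `sess_*` files shown above. It parses the `key|s:N:"value";` layout quoted in the post (string values and `!key|` markers only) and reports credential-like key names and group/other-readable file modes without printing values. The function names and the key-name pattern are assumptions; declared lengths that do not match the value, as in the author's edited sample, are tolerated and reported.

```python
import os, re, stat

SENSITIVE = re.compile(r"pass|pwd|secret|token", re.I)  # assumed key-name heuristic
KEY = re.compile(r'(!?)([^|!;"]+)\|')
STR = re.compile(r's:(\d+):"')

def parse_session(data):
    """Return ({key: value-or-None}, [keys whose declared length was wrong])."""
    values, bad_len, pos = {}, [], 0
    while pos < len(data):
        k = KEY.match(data, pos)
        if not k:
            raise ValueError(f"unexpected data at offset {pos}")
        pos = k.end()
        if k.group(1):                    # "!name|" marks a variable with no value
            values[k.group(2)] = None
            continue
        s = STR.match(data, pos)
        if not s:
            raise ValueError(f"non-string value for {k.group(2)!r} (not handled here)")
        start, end = s.end(), s.end() + int(s.group(1))
        if data[end:end + 2] != '";':     # length wrong, e.g. value edited by hand
            end = data.find('";', start)
            if end < 0:
                raise ValueError(f"unterminated string for {k.group(2)!r}")
            bad_len.append(k.group(2))
        values[k.group(2)] = data[start:end]
        pos = end + 2
    return values, bad_len

def audit_session_file(path):
    """Report credential-like keys (names only, never values) and loose modes."""
    with open(path, encoding="latin-1") as fh:   # latin-1: one char per byte
        values, bad_len = parse_session(fh.read().strip())
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return {
        "file": os.path.basename(path),
        "credential_keys": sorted(k for k, v in values.items()
                                  if v and SENSITIVE.search(k)),
        "readable_by_others": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
        "length_mismatch": bad_len,
    }

# Sample input: the session line quoted in the post (already altered by its author).
SAMPLE = ('username|s:9:"matt";password|s:9:"secret";'
          '!status|lastlist|s:4:"acct";domain|s:16:"host";')

if __name__ == "__main__":
    print(parse_session(SAMPLE))
```

A finding under `credential_keys` means the application is writing the login secret into session state; `readable_by_others` means other local accounts can read whatever the session holds.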


