RE: Bug in Apache 1.3.20 Server - Hackemate Research

From: Ron DuFresne (dufresne@winternet.com)
Date: 09/24/01

• Previous message: Enrique A. Compań Gzz.: "TheExeCutor v2.0 A PRE Release"
• In reply to: Keith.Morgan: "RE: Bug in Apache 1.3.20 Server - Hackemate Research"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 24 Sep 2001 14:33:34 -0500 (CDT)
From: Ron DuFresne <dufresne@winternet.com>
To: "Keith.Morgan" <Keith.Morgan@Terradon.com>
Subject: RE: Bug in Apache 1.3.20 Server - Hackemate Research
Message-ID: <Pine.GSO.4.05.10109241431170.8442-100000@tundra.winternet.com>

On Mon, 24 Sep 2001, Keith.Morgan wrote:

> I have some questions in-line:
>
> > -----Original Message-----
> > From: Hackemate.com.ar [mailto:hackemate@softhome.net]
> > Sent: Friday, September 21, 2001 11:58 PM
> > To: vuln-dev@securityfocus.com; incidents@securityfocus.com
> > Subject: Bug in Apache 1.3.20 Server - Hackemate Research
> >
> >
> > This bug (?) affects: Apache/1.3.20 Server
> >
> > While, updating my site and checking out some things and
> > directories, I discovered something pretty interesting in the tmp
> > directory, there were three files, one with a "sem" extension and
> > the other two ones without anyone.
> >
> > Files in Tmp directory:
> >
> > · sess_0af4137ea55aa752a12971b3145d815b
> > · sess_b2e462409e859648ae96a2da84dc03ce
> > · session_mm.sem

These are apache related logs, when apapche is compiled to use the mm
memory handler, and perhaps compiled with ssl support.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D. Just don't touch anything.

---

• Previous message: Enrique A. Compań Gzz.: "TheExeCutor v2.0 A PRE Release"
• In reply to: Keith.Morgan: "RE: Bug in Apache 1.3.20 Server - Hackemate Research"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: Bug in Apache 1.3.20 Server - Hackemate Research ... Bug in Apache 1.3.20 Server - Hackemate Research ... (Vuln-Dev) Re: apache question ... # Based upon the NCSA server configuration files originally by Rob McCool. ... # configuration directives that give the server its instructions. ... Directives that control the operation of the Apache server process as ... (alt.php) Re: Apache and SSL ... # Based upon the NCSA server configuration files originally by Rob McCool. ... # This is the main Apache server configuration file. ... # configuration directives that give the server its instructions. ... (RedHat) Re: Apache vs IIS ... Windows Server not on my Linux Server so there for I would chose IIS. ... Not that Apache is bad but ASP.NET is far easier and faster to create good web forms in. ... PHP on a IIS server is rather easy to run once you install PHP on a PC but if you only use PHP why not use Apache for Windows. ... (alt.php) Re: HTTP servers on z/OS ... developed by the Apache Software Foundation. ... Also know as IHS ... "...the current IBM HTTP Server for z/OS and IHS for z/OS Powered by Apache, ... (bit.listserv.ibm-main)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)