Bugtraq mailing list archives
Bug in apache httpd 1.1.3
From: misa () THOR INFOIASI RO (Mihai Ibanescu)
Date: Sun, 16 Feb 1997 15:28:40 +0200
Hello! I noticed something interesting on my RedHat linux system (and on some other linuxes). httpd creates a file /tmp/apache_status, and follows blindly any link if /tmp/apache_status points somewhere, for instance /etc/passwd. So one can overwrite any file in the system. If she is able to create such a link, and I don't think that's impossible. The funny thing is that I have apache 1.1.3 installed on a SPARC Solaris, and the problem doesn't exist there. So am I paranoid, or is there a problem in the Apache server? Misa Department of Computer Science Mihai Ibanescu "Al. I. Cuza" Univ. of Iasi e-mail: misa () infoiasi ro Romania http://www.infoiasi.ro/~misa
Current thread:
- Security Advisory: A simple TCP spoofing attack, (continued)
- Security Advisory: A simple TCP spoofing attack Oliver Friedrichs (Feb 09)
- Re: Security Advisory: A simple TCP spoofing attack Wietse Venema (Feb 12)
- buffer overflow in configurable fingerd? M Shariful Anam (Feb 12)
- Re: buffer overflow in configurable fingerd? Ken Hollis (Feb 12)
- Security Bulletins Digest Aleph One (Feb 13)
- Linux NLSPATH buffer overflow solar () IDEAL RU (Feb 13)
- Re: Linux NLSPATH buffer overflow Alan Cox (Feb 14)
- CIAC Bulletin H-27: HP-UX vgdisplay Buffer Overrun Vulnerability Aleph One (Feb 15)
- screen 3.05.02 Khelbin Sunvold (Feb 15)
- Re: screen 3.05.02 test (Feb 16)
- Bug in apache httpd 1.1.3 Mihai Ibanescu (Feb 16)
- Re: Bug in apache httpd 1.1.3 Dean Gaudet (Feb 16)
- Announce new phf prober release Ray W. Hiltbrand (Feb 17)
- Re: Announce new phf prober release J. Bouvrie (Feb 17)
- NT password dictionary attack. Paul Ashton (Feb 18)
- New CIFS paper up for grabs *Hobbit* (Feb 18)
- Security Advisory: A simple TCP spoofing attack Oliver Friedrichs (Feb 09)
- Re: screen 3.05.02 Mr. Cyb (Feb 16)
- FreeBSD,rlogin and coredumps. Roelof W Temmingh (Feb 16)
- Re: FreeBSD,rlogin and coredumps. David Greenman (Feb 16)
- Re: FreeBSD,rlogin and coredumps. Adrian Chadd (Feb 17)
- Re: FreeBSD,rlogin and coredumps. Jamshid Abedi (Feb 17)