Vulnerability Development mailing list archives
Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client
From: Manuel Bouyer <bouyer () antioche eu org>
Date: Thu, 7 Mar 2002 20:46:29 +0100
On Thu, Mar 07, 2002 at 12:07:31AM -0500, Sean Davis wrote:
First, I want to thank everybody who has posted information on this - it's something that (for obvious reasons) we don't want on our machines. I have a question, however. Does this "virus" only affect Linux hosts? I personally do not run Linux, and have not for some time (all the security problems being just one of many reasons, but I don't want this to become an OS war) I run NetBSD. NetBSD has, as an option. Linux binary emulation. Now, while I don't think there is any way for this virus to infect any other files on your system (that you do not own) unless you are root, how exactly is this program getting root? Stop me if I'm wrong - but this thread was originally about apache exploits. Where is the vulnerability, apache, php, or what?
In this specific case, the exploit is in php (unless I misunderstood the wulnerability it's about). -- Manuel Bouyer <bouyer () antioche eu org> --
Current thread:
- Re: Rumours about Apache 1.3.22 exploits, (continued)
- Re: Rumours about Apache 1.3.22 exploits Blue Boar (Mar 05)
- Re: Rumours about Apache 1.3.22 exploits KF (Mar 05)
- Re: Rumours about Apache 1.3.22 exploits Erik Tayler (Mar 05)
- Re: Rumours about Apache 1.3.22 exploits Charles 'core' Stevenson (Mar 05)
- Re: Rumours about Apache 1.3.22 exploits nilton . gs . sc (Mar 05)
- Re: Rumours about Apache 1.3.22 exploits adamb (Mar 06)
- Re: Rumours about Apache 1.3.22 exploits Richard Hamnett (Mar 06)
- Re: Rumours about Apache 1.3.22 exploits Vanja Hrustic (Mar 06)
- Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client adamb (Mar 06)
- Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client Sean Davis (Mar 06)
- Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client Manuel Bouyer (Mar 08)
- Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client Sean Davis (Mar 07)
- Re: Rumours about Apache 1.3.22 exploits -> analysis of so-called exploit client Manuel Bouyer (Mar 08)
- Re: Rumours about Apache 1.3.22 exploits adamb (Mar 06)
- RE: Rumours about Apache 1.3.22 exploits Benjamin Morin (Mar 07)
- strange win2k behavior hotx (Mar 09)
- Re: strange win2k behavior Felix Domke (Mar 09)