Re: Fwd: bugtraq.c httpd apache ssl attack
Previously Phillip Hofmeister wrote:
> I am using RedHat 7.3 with Apache 1.3.23. Someone used the
> program "bugtraq.c" to explore an modSSL buffer overflow to get access to
> a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it
> using gcc.
One wonders why you would have gcc installed on a webserver..
Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.wiggy.net/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: