Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] openssh
  • From: Peter Wiersig <wiersig@xxxxxxxxx>
  • Date: Wed, 6 Feb 2002 12:07:17 +0100
  • Message-id: <200202061102.MAA17325@xxxxxxxxxxxxx>
Am Mittwoch, 6. Februar 2002 11:42 schrieb Muhic Mirza:

> Does anybody hear about new sploit for apache al versions < 1.3.22 ??????
> there are some bugs in mod_php and by the apache attacker getting root
> shell on your machine ?? it not just story it s reality cause i have seen
> these hacked server s last days with that sploit ..

Can you say a bit or two about the configuration of mod_php on these machines?

Were safe_mode enabled? If not it may be a exploit for another local
vulnerability, because php allows you to execute any program on the webserver
if not configured properly.

Were ftp-connections logged before the break-in?

I disbelieve that there is a remote root-exploit in php, but I believe that
one can misconfigure php to allow local exploits.


> One thing is sure : nothing is not sure in fact .

I agree with that.

Peter

< Previous Next >