Mailinglist Archive: opensuse-security (499 mails)

Re: [suse-security] Apache Exploit Code
  • From: Sven 'Darkman' Michels <sven@xxxxxxxxxx>
  • Date: Thu, 20 Jun 2002 16:35:35 +0200
  • Message-id: <3D11E837.3030108@xxxxxxxxxx>
Bernie Seidenspinner wrote:

it's not really so. the first message says there is a bug in apache and
suse put the updated package (1.3.19) on the server. after this moment a
new info means all apaches inclusive apache 1.3.25 were exploitable.

Until now, the exploit is only available for openbsd. Till a 'linux'
release it will take some time.
For 'Admins' who run Sites which are important/HA/whatever the rpm should
not be a real problem cause they should use own compiled servers ;)
All other ppl: will take some time till you'll get a 'target' for such attacks.
Maybe, it's a 'quick patch' to put a Proxy in front that can filter out
the Chunked request header (don't slap me if i'm wrong, just an idea ;)

i think the suse packages are exploitable, because version 1.3.19, and
the exploit can help us to find out this.

the released exploit for openbsd doesn't work against SuSE (7.3 here)
out of the box (with the defined targets), so it's not usable for
scriptkiddies (needs a little of brain ;)

So, calm down, drink coffee and let the suse-security team do a
good job (i'm sure they will.)

Sven Michels
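
The proxy-side filter idea floated in the message above, as an added example that is not part of the original mail: a Python check a front-end could apply to refuse any request that declares the chunked transfer coding. The function names and the sample requests are assumptions constructed for illustration.

```python
# Added example: front-end decision to refuse requests that declare the
# chunked transfer coding. All sample requests below are constructed.

def parse_headers(raw_head: bytes):
    """Return [(lowercased name, value)] from a request head, or None if malformed."""
    lines = raw_head.split(b"\r\n\r\n", 1)[0].split(b"\r\n")[1:]  # drop request line
    headers = []
    for line in lines:
        if line[:1] in (b" ", b"\t"):          # obsolete line folding: continuation
            if not headers:
                return None
            name, value = headers[-1]
            headers[-1] = (name, value + b" " + line.strip())
            continue
        name, sep, value = line.partition(b":")
        if not sep or not name or name != name.strip():
            return None                         # no colon, or whitespace around the name
        headers.append((name.lower(), value.strip()))
    return headers

def verdict(raw_head: bytes) -> str:
    """'reject' if the head is malformed or names the chunked coding, else 'forward'."""
    headers = parse_headers(raw_head)
    if headers is None:
        return "reject"                         # fail closed on anything unparseable
    for name, value in headers:
        if name == b"transfer-encoding":
            # A header may list several codings, each with optional parameters.
            codings = [c.split(b";")[0].strip().lower() for c in value.split(b",")]
            if b"chunked" in codings:
                return "reject"
    return "forward"

# Constructed sample requests.
PLAIN = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
SIZED = b"POST /f HTTP/1.1\r\nHost: example.test\r\nContent-Length: 3\r\n\r\nabc"
CHUNKED = b"POST /f HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n\r\n"
FOLDED = b"POST /f HTTP/1.1\r\nHost: example.test\r\ntransfer-ENCODING: gzip,\r\n\tChunked\r\n\r\n"
SPACED = b"POST /f HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding : chunked\r\n\r\n"

if __name__ == "__main__":
    for label, req in [("plain", PLAIN), ("sized", SIZED), ("chunked", CHUNKED),
                       ("folded", FOLDED), ("spaced", SPACED)]:
        print(label, verdict(req))
```

Refusing every chunked request also turns away legitimate clients that upload with chunked encoding, so a filter like this is a stopgap until the patched server package is installed.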
