[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)

To: martin f krafft <madduck@madduck.net>
Subject: Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
From: Ben Nelson <lists@venom600.org>
Date: Thu, 20 Nov 2003 14:01:26 -0700

I s'pose it's only a 'root' exploit if you're running your webserver as root.

--Ben

martin f krafft wrote:

also sprach Alexander Antipov <pk95@yandex.ru> [2003.11.20.2028 +0100]:

/ uid=99(nobody) gid=99(nobody) groups=99(nobody)

where is the root exploit?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
  - From: martin f krafft <madduck@madduck.net>
- Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
  - From: Ron DuFresne <dufresne@winternet.com>

References:
- [Full-Disclosure] Remote root exploit for mod_gzip (with debug_mode)
  - From: "Alexander Antipov" <pk95@yandex.ru>
- [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: Re: [Full-Disclosure] .hta virus analysys
Next by Date: Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
Previous by thread: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
Next by thread: Re: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
Index(es):
- Date
- Thread