[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
- To: <full-disclosure@lists.netsys.com>
- Subject: RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
- From: "Schmehl, Paul L" <pauls@utdallas.edu>
- Date: Thu, 20 Nov 2003 17:31:19 -0600
> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
> Ron DuFresne
> Sent: Thursday, November 20, 2003 4:18 PM
> To: Ben Nelson
> Cc: martin f krafft; full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] Re: Remote root exploit for
> mod_gzip (with debug_mode)
>
>
> What user does apache run as under windows deployments?
>
LOCALSYSTEM, which has no network privileges.
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html