[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)

To: "Schmehl, Paul L" <pauls@utdallas.edu>
Subject: RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
From: Frank Knobbe <frank@knobbe.us>
Date: Thu, 20 Nov 2003 18:03:57 -0600

On Thu, 2003-11-20 at 17:31, Schmehl, Paul L wrote:
> > What user does apache run as under windows deployments?
> > 
> LOCALSYSTEM, which has no network privileges.

But in the past you have been able to use LOCALSYSTEM to create/edit an
account with Administrator privileges which you can then use to gain
network access. Your comment sounds like LOCALSYSTEM is harmless, and I
believe that is a wrong statement.

Cheers,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part

References:
- RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
  - From: "Schmehl, Paul L" <pauls@utdallas.edu>

Prev by Date: Re: [Full-Disclosure] .hta virus analysys
Next by Date: Re: [Full-Disclosure] Sidewinder G2
Previous by thread: RE: [Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
Next by thread: [Full-Disclosure] windowsupdate.microsoft.com limits on how many times a computer can access it
Index(es):
- Date
- Thread