Date: Thu, 20 Jun 2002 14:44:35 +0400 (MSD)
From: Maxim Kozin <madmax@express.ru>
To: freebsd-security@freebsd.org
Subject: Re: Apache expoit?
Message-ID: <Pine.BSF.4.05.10206201332120.3035-100000@ds.express.ru>
In-Reply-To: <2147483647.1024500409@[192.168.4.154]>
On Wed, 19 Jun 2002, Jason DiCioccio wrote:

> I don't know if this has already made bugtraq, or if it's waiting in their
> queue or what.. But I just happened to get ahold of this recently. It
> appears that FreeBSD and OpenBSD are exploitable.

...skipped...

"Exploit" from this letter tested on FreeBSD 4.6-RELEASE with different versions of apache:

1) 2.0.36
2) 2.0.39
3) 1.3.26

In case of 1) and (!) 2) the httpd child died with "child out of swap space".
So, a DoS still exists in 2.0.39.
The solution with login.conf did not work, because apache does not use the setclass*() setusercontext() function.

p.s. 2.0.39 configured as:

./configure \
    "--with-layout=Apache" \
    "--enable-threads" \
    "--enable-shared=max" \
    "--enable-module=all" \
    "--with-mpm=worker"

b.r.
Kozin Maxim
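Added example, not part of the original message and not Apache code: the message reports that login.conf limits were not applied to httpd, so this sketch shows a limit set directly with setrlimit() in a forked child, where an oversized allocation is refused instead of consuming swap. The helper name run_limited_child and the choice of RLIMIT_AS as the limit are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MiB (1024UL * 1024UL)

/* Hypothetical helper (added example): fork a child that stands in for a
 * server worker, cap its address space with RLIMIT_AS, then let it allocate.
 * Returns 1 if the allocation was refused, 0 if it succeeded, -1 on error. */
int run_limited_child(size_t limit_bytes, size_t alloc_bytes)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_AS, &rl) != 0)
            _exit(2);
        /* Lower only the soft limit; never ask for more than the hard limit. */
        rl.rlim_cur = (rl.rlim_max == RLIM_INFINITY || limit_bytes < rl.rlim_max)
                          ? limit_bytes : rl.rlim_max;
        if (setrlimit(RLIMIT_AS, &rl) != 0)
            _exit(2);
        /* volatile keeps the compiler from eliding the malloc/free pair */
        void *volatile p = malloc(alloc_bytes);
        if (p == NULL)
            _exit(1);                  /* refused: the limit did its job */
        memset(p, 0xAA, alloc_bytes);  /* touch the pages so they are really used */
        free(p);
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);
    return code <= 1 ? code : -1;
}

int main(void)
{
    printf("1 MiB under 256 MiB cap: refused=%d\n", run_limited_child(256 * MiB, 1 * MiB));
    printf("1 GiB under 256 MiB cap: refused=%d\n", run_limited_child(256 * MiB, 1024 * MiB));
    return 0;
}
```

Limits set this way are inherited across fork() and exec(), so the same effect can be had by lowering the limit in the script that launches the server.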