Home page logo
/

bugtraq logo Bugtraq mailing list archives

Bug in apache httpd 1.1.3
From: misa () THOR INFOIASI RO (Mihai Ibanescu)
Date: Sun, 16 Feb 1997 15:28:40 +0200


        Hello!

        I noticed something interesting on my RedHat linux system (and on
some other linuxes).
        httpd creates a file /tmp/apache_status, and follows blindly any
link if /tmp/apache_status points somewhere, for instance /etc/passwd. So
one can overwrite any file in the system. If she is able to create such a
link, and I don't think that's impossible.
        The funny thing is that I have apache 1.1.3 installed on a SPARC
Solaris, and the problem doesn't exist there. So am I paranoid, or is
there a problem in the Apache server?

                                                Misa

Department of Computer Science          Mihai Ibanescu
"Al. I. Cuza" Univ. of Iasi             e-mail: misa () infoiasi ro
Romania                                 http://www.infoiasi.ro/~misa



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault