Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Netscape FastTrack httpd remote exploit
From: vision () WHITEHATS COM (Max Vision)
Date: Fri, 31 Dec 1999 11:51:44 -0800


This attack can now be detected by the following IDS signatures:


These signatures are also available as part of

Note that each record includes packet traces from usage of an actual
exploit attempt.

Max Vision
http://whitehats.com/   <- free tools, forums, IDS database

On Fri, 31 Dec 1999, Brock Tellier wrote:
A vulnerability in Netscape FastTrack 2.01a will allow any remote user to
execute commands as the user running the httpd daemon (probably nobody).  This
service is running by default on a standard UnixWare 7.1 installation.

/** uwhelp.c - remote exploit for UnixWare's Netscape FastTrack
 **            2.01a scohelp http service

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]