Home page logo
/

bugtraq logo Bugtraq mailing list archives

Remote Apache 1.3.x Exploit
From: gobbles () hushmail com
Date: Wed, 19 Jun 2002 12:45:24 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is for immediate release.  This may not be sent to any "advanced warning system", such as ARIS.  This was written 
for the community, and not just a few companies with deep pockets full of the big dollar.

Attached is a remote Apache 1.3.X exploit for the "chunking" vulnerability.  This version of the exploit works only on 
OpenBSD.  "Experts" have argued as to why this is not exploitable on x86/*nix.  This version of the exploit has been 
modified to convince these "experts" that they are wrong.  Further, it is very ./friendly and all 
scriptkids/penetration testers should be able to run it without any trouble.

My God have mercy on our souls.

- -GOBBLES Security

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlwEARECABwFAj0Q3g8VHGdvYmJsZXNAaHVzaG1haWwuY29tAAoJEBzRp5chmbAP7R0A
nRyuMq0D8z0T6bg++HH27mGXyPqlAJ9l6Qv8h/5+2pvnn6nJ+sUUZdeebw==
=5v5m
-----END PGP SIGNATURE-----

Attachment: apache-scalp.c
Description:

Attachment: apache-scalp.c.sig
Description:


  By Date           By Thread  

Current thread:
  • Remote Apache 1.3.x Exploit gobbles (Jun 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]