Full Disclosure: Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?

Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?

From: Kai <kai () rhynn net>
Date: Fri, 17 Jun 2011 13:56:28 +0400

Claiming to gain root through a service that most people do not run 
as
root already makes me think that this fake.


 do not forget about mpm-itk, mpm-peruser and analogs, when we have to 
 run apache as root.

-- 
 Cheers,

 Kai

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? kernel (Jun 16)
- Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? Andrew Farmer (Jun 16)
  - Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? mrx (Jun 16)
  - Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? decoder (Jun 16)
    - Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? the nlhcrew (Jun 16)
    - Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? Kai (Jun 17)
    - Re: Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not? decoder (Jun 17)