Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: Apache 1.3.XX

Re: Apache 1.3.XX

From: Veins <veins_at_skreel.org>
Date: Fri, 1 Feb 2002 22:17:35 +0100

> What was the full URI ? Are you sure it wasn't some box infected with
> Code Red II or the like ?
>
> On a side note, how could this vulnerability yeild a root shell when
> apache isn't/shouldn't be running as root.
>
> -Blake

Apache runs as root. It uses a root process to bind to port 80 and to spawn
and kill
setuid child processes.

Also, people have advised to run apache chroot()-ed, this adds another layer
in the
security but...is useless if the cracker actually gets to bind a root shell
as it is not so
hard to break out of a chroot with root privileges if you want to.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Feb 04 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos