Home page logo

pen-test logo Penetration Testing mailing list archives

which freebsd/apache is exploitable at all?
From: Ingram <Vail () gmx net>
Date: Wed, 21 Aug 2002 17:00:37 +0200 (MEST)


which Version of FreeBSD is really exploitable with the gobbles nosejob.c
I tried it on several versions, but couldn´t manage to get shell. On OpenBSD
not a problem, i could even spawn a shell on 2.9 which is not "supported" by

I tried the following configs:

FreeBSD 4.4 RELEASE + Apache 1.3.22
FreeBSD 4.5 RELEASE + Apache 1.3.23
FreeBSD 4.5 RELEASE + Apache 1.3.24
FreeBSD 4.6 RELEASE + Apache 1.3.24
FreeBSD 4.6 RELEASE + Apache 1.3.25

I use the cygwin win32 port of the gobbles nosejob.

Could anybody point me to the right direction how to exploit the apache
chunked vuln
on FreeBSD and which version/parameters actually work?

thx in advantage

GMX - Die Kommunikationsplattform im Internet.

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
  • which freebsd/apache is exploitable at all? Ingram (Aug 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]