Full Disclosure mailing list archives
Re: RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST)
From: Christian Friedl <xian () mediaclan at>
Date: Sat, 21 Jun 2003 14:05:38 +0200 (METDST)
"mattmurphy () kc rr com" <mattmurphy () kc rr com> writes on Fri, 20 Jun 2003 20:48:33 +0200 (METDST):
Had KOEC intended to cause serious damage, that shellcode could have been written to execute: rm -rf / it is advised that users at least drop the privileges of suspect code with 'su' -- never run suspect files as highly-privileged users.
Just wanted to add: that won't help much in case it really IS a local root exploit. I call stuff like this "local curiosity exploit", admit to have fallen for that kind of traps in the past and repent my sins :-) chris (stand1ng 1n c0rn3r, watching the x-files) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) koec (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) Michael (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) Eric Chien (Jun 20)
- RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) gml (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) David M. Wilson (Jun 23)
- RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) gml (Jun 20)
- Re: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) Gareth Bromley (Jun 20)
- <Possible follow-ups>
- RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) Hudak, Tyler (Jun 20)
- RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) mattmurphy () kc rr com (Jun 20)
- Re: RE: Apache 1.3.27 Remote Root 0-Day Exploit (OFFICIAL POST) Christian Friedl (Jun 21)
