[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: possible apache flaw ?
On Mon, 2002-03-11 at 00:23, veins wrote:
> in php scripts as even the most insecure script would not make apache
> segfault and
> "give" someone a shell.
I doubt segfaulting... but I see no reason why bad PHP programming
wouldn't happily give me a shell :).
> I didn't get the chance to portscan the server and
> see if it really
> binds a shell to some port because of pf having very restrictrive rules but
> that would
> explain the idling (user 'www' loggued in for 10 minutes idling before I
> kill the process).
Check if there are remote ssh sessions. If I had a way to get Apache
(or PHP or whatever) to barf while tucked behind a "restrictive"
firewall I'd have it spawn an 'ssh -R ...' and have it connect to me :).
The segfault bit is disturbing though. Either your *really* screwed
something up :) or someone's got an interesting exploit.
So to be clear, this is NOT the default Apache from OpenBSD but the
latest flavor from apache.org? Same with PHP?
> is constantly auditing logs in search of weird things.
Hmmm, and a packet sniffer on another box would be fun :).
Can you tell, from your logs, say login times for the www users and the
last pages accessed?