[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FW: Remote Apache 1.3.x Exploit
Can anyone enlighten me as to whether this exploit will effect OpenBSD 3.1
assuming the httpd has been patched from cvs.
After patching should the version number change or stay the same?
-----BEGIN PGP SIGNED MESSAGE-----
This is for immediate release. This may not be sent to any "advanced warning system", such as ARIS. This was written for the community, and not just a few companies with deep pockets full of the big dollar.
Attached is a remote Apache 1.3.X exploit for the "chunking" vulnerability. This version of the exploit works only on OpenBSD. "Experts" have argued as to why this is not exploitable on x86/*nix. This version of the exploit has been modified to convince these "experts" that they are wrong. Further, it is very ./friendly and all scriptkids/penetration testers should be able to run it without any trouble.
My God have mercy on our souls.
- -GOBBLES Security
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com
-----END PGP SIGNATURE-----
Communicate in total privacy.
Get your free encrypted email at https://www.hushmail.com/?l=2
Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople