Re: GOBBLES and errata 005



On Mon, Jun 24, 2002 at 06:36:07AM -0700, T. Kinch wrote:
> I have not seen anyone else mention this so I thought
> I would. I am not a C programmer but if you look at
> the source of the exploit (available
> at http://packetstorm.linuxsecurity.com/0206-exploits/apache-scalp.c)
> you will see that it is sending a bogus Host: http
> header. If your Apache server uses virtual servers
> (requires a correct host header) the exploit as
> written will not work on you. This obviously does not
> mean you are not vulnerable.
> 

http://www.eeye.com/html/Research/Tools/apachechunked.html

Has a nice utility to check if a host runs an exploitable
version of Apache. 

(now we only need a scanner for exploitable openssh versions :()

-- 
Alex de Joode
usura@zedz.net