Re: Apache root exploitable? (fwd)

[ark_(_at_)_eltex_(_dot_)_ru]

-----BEGIN PGP SIGNED MESSAGE-----

- -- Begin forwarded message ---
<quote-apache-scalp.c>
 * apache-scalp.c
 * OPENBSD/X86 APACHE REMOTE EXPLOIT!!!!!!!
 *
 <snip-bs>
 * Remote OpenBSD/Apache exploit for the "chunking" vulnerability. Kudos
to
 <snip-more-bs>
 * The "experts" have already concurred that this bug...
 *      -       Can not be exploited on 32-bit *nix variants
 *      -       Is only exploitable on win32 platforms
 *      -       Is only exploitable on certain 64-bit systems
 *
 * However, contrary to what ISS would have you believe, we have
 * successfully exploited this hole on the following operating systems:
 *
 *      Sun Solaris 6-8 (sparc/x86)
 *      FreeBSD 4.3-4.5 (x86)
 *      OpenBSD 2.6-3.1 (x86)
 *      Linux (GNU) 2.4 (x86)
 *
 <
 <snip-more-bs-thank-you-we-won't-ask-you-for-warez-kiddie>
 * Abusing the right syscalls, any exploit against OpenBSD == root.
Kernel
 * bugs are great.
^^^^^^^^^^^^^^^^^^^^^

 Does anybody here know what are they talking about? Did anyone bother to ask?

 *
 * [#!GOBBLES QUOTES]
 <yes snip the bs>

</quote-apache-scalp.c>

In any event, what Jaques most eminently points out:
- -- End forwarded message ---
                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i

iQCVAwUBPRNMJ6H/mIJW9LeBAQEt2AP/TBOHOMtvdCvh2mibTf3lA9FQVHYjNKu4
S/X8S/wQspObnu7zLCiNH+zCLmAhz51PHi2YI/yESjkTLbxCkkIk75+9SyNqThVf
2uz9L2HH4Cq4wsTiyOdzIEkQJOMnck0HYmtHWxU0p7e90fvxUWWgKVVrGOO9Sy7K
6LYk0kerH1o=
=0nPV
-----END PGP SIGNATURE-----