[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
From: DanB UK <danbuk@xxxxxxxxx>
Date: Thu, 23 Dec 2004 14:09:24 +0000

> Do read the code carefully though Dan. Right off hand I can see errors
> that were also in the code posted to bugtraq on the 20th; K-OTik may
> have added more, dunno.

It is probable that they have added errors in. To curb the script
kiddies picking things up and modifying it and releasing it.
I have a bit of a worry about that and my talk, whether or not to
release my sample code. It could be used quite evilly if the intention
was there. I probably won't.

Cheers,
Daniel.
-- 
DanB UK
London, UK
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: dk

References:
- [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: Alex Schultz
- Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: Ron Brogden
- Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: DanB UK
- Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: Barrie Dempster
- Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
  - From: dk

Prev by Date: [Full-Disclosure] Plesk 7 Cross-Site Scripting
Next by Date: [Full-Disclosure] STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard
Previous by thread: Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
Next by thread: Re: [Full-Disclosure] Possible apache2/php 4.3.9 worm
Index(es):
- Date
- Thread