[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?

To: decoder <decoder@xxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
From: Kai <kai@xxxxxxxxx>
Date: Fri, 17 Jun 2011 13:56:28 +0400

> Claiming to gain root through a service that most people do not run 
> as
> root already makes me think that this fake.

 do not forget about mpm-itk, mpm-peruser and analogs, when we have to 
 run apache as root.

-- 
 Cheers,

 Kai

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
  - From: decoder

References:
- [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
  - From: kernel
- Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
  - From: Andrew Farmer
- Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
  - From: decoder

Prev by Date: [Full-disclosure] Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries
Next by Date: Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
Previous by thread: Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
Next by thread: Re: [Full-disclosure] Apache 2.0.63 - 2.2.19 Remote Exploit Fake or not?
Index(es):
- Date
- Thread