On 06/17/2011 11:56 AM, Kai wrote: >> Claiming to gain root through a service that most people do not run as >> root already makes me think that this fake. > > do not forget about mpm-itk, mpm-peruser and analogs, when we have to > run apache as root. > True, and I cannot really say how many people use these modules/functions. But nevertheless I assume it's not the majority. So I assume claiming to have an exploit that gains root on any Apache without making further restrictions to when it can be applied seems fake. In the case of mpm-itk for example I think the impact of exploiting the forked instance you talk to would be no more than gaining access at the level of the user that owns the vhost, as the forked child will drop root immediately and run under user's uid/gid. Of course it's still possible to find a root hole somewhere in there, but then again I guess it would be itk specific. Best, Chris
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/