"Bezpecne" verze Apache u RH
uhlar na fantomas.sk
uhlar na fantomas.sk
Pátek Červen 21 11:28:00 CEST 2002
Zdenek Mazanec <zdenek.mazanec na contactel.cz> wrote:
->> inak mozete necht stareho apacha, a ak sa vam tam niekto dostane, tak
->> uvidite ci je bezpecny ;))
-> Pokud jsem to spravne pochopil, tak 32bit unixy nejsou ohrozeny tim, ze by
-> nekdo byl schopen vzdalene pustit na serveru kod, riskuje se pouze dos utok.
-> Pletu se snad?
ano, pletiete sa:
Due to the nature of the overflow on 32-bit Unix platforms, this should
cause a segmentation violation and cause the child to terminate. However,
some 32-bit platforms are indeed exploitable due to quirks in their
implementation. 64-bit platforms are also likely to be exploitable due to a
data type conversion that occurs within Apache.
--
Matus "fantomas" Uhlar, uhlar na fantomas.sk ; http://www.fantomas.sk/
Warning: I don't wish to receive spam to this address.
Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
On the other hand, you have different fingers.
Další informace o konferenci Linux