Wouldn't it be easier to create a blank /tmp/.bugtraq.c file, chmod 000, owned by root? On Fri, 13 Sep 2002, The Little Prince wrote: > > too easy to chmod 700 gcc to lock it to root? > obviously not as a TOTAL fix > > -Tony > .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-. > Anthony J. Biacco Network Administrator/Engineer > thelittleprince@asteroid-b612.org http://www.asteroid-b612.org > > "Every day should be a good day to die" -DJM > .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-. > > On 13 Sep 2002, Fernando Nunes wrote: > > > > > > > I am using RedHat 7.3 with Apache 1.3.23. Someone used the > > program "bugtraq.c" to explore an modSSL buffer overflow to get access to > > a shell. The attack creates a file named "/tmp/.bugtraq.c" and compiles it > > using gcc. The program is started with another computer ip address as > > argument. All computer files that the user "apache" can read are exposed. > > The program attacks the following Linux distributions: > > > > Red-Hat: Apache 1.3.6,1.3.9,1.3.12,1.3.19,1.3.20,1.3.22,1.3.23,1.3.26 > > SuSe: Apache 1.3.12,1.3.17,1.3.19,1.3.20,1.3.23 > > Mandrake: 1.3.14,1.3.19 > > Slakware: Apache 1.3.26 > > > > Regards > > Fernando Nunes > > Portugal > > > > > > -- > .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-. > Anthony J. Biacco Network Administrator/Engineer > thelittleprince@asteroid-b612.org http://www.asteroid-b612.org > > "Every day should be a good day to die" -DJM > .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-. > >
