From: InfoSec News (isnc4i.org)
Date: Tue Jun 25 2002 - 06:49:25 CDT

    Forwarded from: Joshua Levitsky <jlevitskjoshie.com>

    Also the tool is completely useless to those of us running 1.3.23 with
    a backport of the 1.3.26 fix... but that only includes Red Hat and
    Mandrake users... how many of them could there be out there? Honestly
    I was disappointed when I ran the scan and figured out all it was
    doing was checking the version of apache from the header. To me that
    isn't a test of anything. It's sad because I normally like stuff from
    eEye. It would be nice if eEye made something that would really test
    for the exploit since this is such a dangerous flaw in Apache.

    --
    Joshua Levitsky, MCSE, CISSP, EMTD
    Desktop Systems Engineer
    AOL Time Warner
    

    ----- Original Message -----
    From: "InfoSec News" <isnc4i.org>
    To: <isnattrition.org>
    Sent: Monday, June 24, 2002 5:35 AM
    Subject: RE: [ISN] Free tool: apache chunked vulnerability scanner

    > Forwarded from: "Marc Maiffret" <marceeye.com>
    > Cc: "Greg Broiles" <gbroilesparrhesia.com>
    >
    > yes the tool is non intrusive. thanks for pointing that out. we'll
    > update the site.
    >
    >
    > Signed,
    > Marc Maiffret
    > Chief Hacking Officer
    > eEye Digital Security
    > T.949.349.9062
    > F.949.349.9538
    > http://eEye.com/Retina - Network Security Scanner
    > http://eEye.com/Iris - Network Traffic Analyzer
    > http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
    >
    >
    > | -----Original Message-----
    > | From: Greg Broiles [mailto:gbroilesparrhesia.com]
    > | Sent: Friday, June 21, 2002 10:07 AM
    > | To: isnattrition.org; marceeye.com
    > | Subject: Re: [ISN] Free tool: apache chunked vulnerability scanner
    > |
    > |
    > | Marc Maiffret wrote:
    > |
    > | >We released a free tool tonight to scan for the recent Apache chunked
    > | >encoding vulnerability.
    > | >
    > | >You can download it from:
    > | >http://www.eeye.com/html/Research/Tools/apachechunked.html
    > |
    > | Wouldn't it be more accurate to say that you've released a free
    > | tool which scans HTTP headers for Apache version numbers, and then
    > | reports servers as vulnerable if they report running a version which,
    > | if unpatched, would be vulnerable?
    > |
    > | Now, that's a very helpful program, but it's not really the same thing
    > | as scanning for the vulnerability itself.
    > |
    > |
    > | --
    > | Greg Broiles -- gbroilesparrhesia.com -- PGP 0x26E4488c or 0x94245961

    - ISN is currently hosted by Attrition.org

    To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY of the mail.
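
The limitation raised in this thread, as an added example that is not part of the original messages and not eEye's tool: a version-only check on the `Server` header, set against what is actually installed on each host. The function names, the sample banners and the per-host "fix present" flags are constructed for illustration; only the 1.3 line and the 1.3.26 fix named in the thread are modelled.

```python
import re

FIXED_1_3 = (1, 3, 26)  # fixed 1.3 release named in the thread
_BANNER = re.compile(r"\bApache(?:/(\d+)\.(\d+)\.(\d+))?", re.IGNORECASE)


def banner_verdict(server_header):
    """Classify a Server header the way a version-only check would."""
    m = _BANNER.search(server_header or "")
    if m is None:
        return "not-apache"
    if m.group(1) is None:
        return "unknown"  # version suppressed, e.g. "Server: Apache"
    version = tuple(int(part) for part in m.groups())
    if version[:2] != (1, 3):
        return "unknown"  # other release lines are not modelled here
    return "flagged" if version < FIXED_1_3 else "not-flagged"


def compare(verdict, actually_fixed):
    """Set the banner verdict against ground truth from the host itself."""
    if verdict in ("unknown", "not-apache"):
        return "undetermined"
    flagged = verdict == "flagged"
    if flagged and actually_fixed:
        return "false-positive"
    if not flagged and not actually_fixed:
        return "false-negative"
    return "correct"


# Constructed inventory: (host, Server header, fix present per package records)
SAMPLE_HOSTS = [
    ("web1", "Apache/1.3.23 (Unix)  (Red-Hat/Linux)", True),   # backported fix
    ("web2", "Apache/1.3.24 (Unix)", False),                   # unpatched
    ("web3", "Apache/1.3.26 (Unix)", True),                    # upgraded
    ("web4", "Apache", False),                                 # version hidden
]


def triage(hosts=SAMPLE_HOSTS):
    """Return (host, banner verdict, outcome against ground truth) per host."""
    return [(h, banner_verdict(s), compare(banner_verdict(s), f)) for h, s, f in hosts]


if __name__ == "__main__":
    for host, verdict, outcome in triage():
        print(f"{host}: banner={verdict:<11} outcome={outcome}")
```

`web1` is the backport case described above: the banner still reads 1.3.23, so the host is flagged although the fix is installed. `web4` shows the opposite gap, where a suppressed version string leaves an unpatched host undetermined.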