From: Michal Zalewski (lcamtufcoredump.cx)
Date: Sat Jun 22 2002 - 14:38:48 CDT

    On Sat, 22 Jun 2002, Jedi/Sector One wrote:

    > SetEnv DATE_LOCALE "******************************************..."

    While this apparently is not an issue with "AllowOverride none" (I think
    that's the default configuration for user-writable directories), and
    typically, having different, execution-related AllowOverride settings
    means you are a less or more trusted user who most likely can execute code
    with the Apache UID, there are still some interesting consequences of
    exploiting a buffer overflow in the child process - for example, getting
    write access to logs. Probably worth investigating.

    -- 
    _____________________________________________________
    Michal Zalewski [lcamtufbos.bindview.com] [security]
    [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
    =-=> Did you know that clones never use mirrors? <=-=
              http://lcamtuf.coredump.cx/photo/
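
An added example, not part of the original message: a Python check that lists the `<Directory>` sections of an Apache configuration whose `AllowOverride` lets `.htaccess` files use `SetEnv` (mod_env documents `SetEnv` under the `FileInfo` override class). The sample configuration, its paths and the function name are constructed for illustration.

```python
import re

# Override classes that let a .htaccess file use SetEnv (mod_env: "Override: FileInfo").
SETENV_CLASSES = {"all", "fileinfo"}

# Constructed sample configuration, not taken from the original message.
SAMPLE_CONF = """\
<Directory "/">
    AllowOverride None
</Directory>
<Directory "/home/*/public_html">
    # user-writable tree
    AllowOverride FileInfo AuthConfig Limit
</Directory>
<Directory "/var/www/html">
    AllowOverride All
</Directory>
<Directory "/var/www/static">
    Options -Indexes
</Directory>
"""

def setenv_override_dirs(conf_text):
    """Return [(directory, [override classes])] for <Directory> sections whose
    AllowOverride lets .htaccess files set environment variables."""
    findings = []
    stack = []  # paths of the currently open <Directory> sections
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = re.match(r'<Directory(?:Match)?\s+"?([^">]+)"?\s*>', line, re.I)
        if opened:
            stack.append(opened.group(1))
        elif re.match(r"</Directory(?:Match)?>", line, re.I):
            if stack:
                stack.pop()
        elif stack:
            m = re.match(r"AllowOverride\s+(.+)", line, re.I)
            if m and SETENV_CLASSES & {c.lower() for c in m.group(1).split()}:
                findings.append((stack[-1], m.group(1).split()))
    return findings

if __name__ == "__main__":
    for path, classes in setenv_override_dirs(SAMPLE_CONF):
        print(f"{path}: AllowOverride {' '.join(classes)} permits SetEnv in .htaccess")
```

The check reads a single configuration text; files pulled in through `Include` would need to be passed to it separately.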