-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We've recently released a new version of our public Apache "chunking" exploit which works against all vulnerable Free/Net/OpenBSD (x86) machines. There is a lot of debate as to whether the vulnerability was exploitable on platforms other than OpenBSD. We hope that this is proof enough, and that finally people might realize that there is reason to patch their servers.

The exploit (apache-nosejob.c) has been sent to this list in a different email, since it is normally the policy of the moderators of this list to not publish exploits that come without advisories. Since the vulnerability is known, there is no reason to write new advisories. However we felt that sending the annoucement here is appropriate since the news is important and in our minds pertinant to what this list stands for.

If the exploit is not posted here, do not fret -- it should be available on packetstormsecurity.org very soon for all who are interested in studying it.

Good night and God Bless.

- -GOBBLES Security
"Security at the speed of VROOM VROOM VROOM VROOOOOOOOOOOOOOOOOOOOOOOOOOOOM."

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlwEARECABwFAj0T/74VHGdvYmJsZXNAaHVzaG1haWwuY29tAAoJEBzRp5chmbAPO1UA
n0rSpahiWqWgoy9sh/SaE/RdEvvuAKClMCJkyEAG7gaEb5LMnoNVvVs7RQ==
=REPO
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]