lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <411F7577.5080904@umbrella.name>
From: liudieyu at umbrella.name (Liu Die Yu)
Subject: ***INTERLAND*** 's default vps PROBABLY has
 REMOTE COMPROMISE vulnerability

thanks for pointing out the possibility of backport. interland is 
running freebsd4 instead of redhat linux, but there is also backport for 
freebsd.

i got a question here:
i am the administrator of the interland VPS  running apache whose 
version # is 1.3.22.
how can i know if it has backport or not?

(
ah. the best direct way is to ask VPS guys by creating a support ticket. 
but as i said, no one responded to this question.
INTERLAND guys usually respond to support ticket in 12 hours and solve 
problem effectively, but they failed to respond this time.
)

the lumpalaya wrote:

>Oh yeah, I forgot to include this link, in case it happens to be the
>case.. not that I would know, I dont use Interland...
>
>https://www.redhat.com/advice/speaks_backport.html
>  
>

>Just curious -- did you make sure to account for the fact that lots of
>people backport fixes so that version numbers dont always tell
>you that something is exploitable?  (linux dists seem keen on this a lot).
>
>  
>
>>INTERLAND is the most popular web hosting corporation online - even
>>bigger than VERIO - according to 3rd-party survey. INTERLAND's default
>>vps PROBABLY has REMOTE COMPROMISE vulnerability. "PROBABLY" means i
>>just checked the version # of apache, but have not exploited it yet.
>>
>>when i was planning to run my webapp on INTERLAND's web server, i found
>>the server is running apache.1.3.22 and php4.0.x. after checking
>>security record at httpd.apache.org AND php.net, i found both apache and
>>php contain serious vulnerabilities:
>>
>>the most serious problem is critical: apache1.3.22 contains REMOTE
>>COMPROMISE vulnerability:
>>    Apache Chunked encoding vulnerability  CVE-2002-0392
>>
>>i created support ticket in my account, and waited for about 36 hours,
>>but no one responded. then i closed the ticket. it looks like the
>>support staff don't care for remote compromise - or too busy to fix it.
>>so INTERLAND users must download and install apache themselves.
>>
>>for demonstration purpose, the following INTERLAND websites are running
>>apache1.3.22
>>209.203.227.116,  209.203.227.115, 209.203.227.114
>>209.203.227.117 is an exception - it's my web server with apache1.3.32
>>and php5 :-))))
>>
>>Regards,
>>
>>Liu Die Yu
>>http://umbrella.name/people/liu.dieyu/
>>
>>UMBRELLA.NAME
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>    
>>
>
>.
>
>  
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ