On Fri, 2007-03-02 at 09:39 -0800, Roger Peña wrote:
--- Roger Peña orkcu@yahoo.com wrote:
As this bugtrack say "binaries from redhat" are not vulnerables but what happen to recompilations?
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200219
I understand that it is the compilation process what make this bug not exploitable and not the source code so, the question is: is the httpd binary from centos exploitable?
I could not find any refence in the web about this topic. maybe I should ask in the centos-user mailling list but because it is a compilation thing ..... I guess centos developer are the right to anwser
sorry, I forgot to mention that I do test the following "proof of concept" test:
http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded
and httpd-2.0.52-28.ent.centos4 give the "302 Found" page so at least with that test I could not probe if it is vulnerable or not
If it did do a "302 Found" ... then it is not vulnerable:
from the article:
"If your web server doesn't reply you with a '302 Found' page or a Segmentation Fault appears in your error_log, an apache child has crashed and your web server is vulnerable and exploitable."
So a 302 found is good.
Thanks, Johnny Hughes