Re: Apache Chunked Encoding Vulnerability on AIX (RS6000)

From: Kevin Spett (kspett@spidynamics.com)
Date: Wed Aug 14 2002 - 13:58:55 EDT


What happens when you run a chunked encoding exploit against it? If you
don't get a response and your connection is suddenly terminated, it's
vulnerable. I would not consider the server "safe" just because no one has
posted exploit code for it to bugtraq either.

Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Me0ssage -----
From: <r00t@online.ie>
To: <pen-test@securityfocus.com>
Sent: Tuesday, August 13, 2002 8:10 AM
Subject: Apache Chunked Encoding Vulnerability on AIX (RS6000)

>
> Hi All,
>
> I am currently pen-testing an AIX platform, which utilises Apache and IBM
HTTP
> server in order to communicate with a back-end AS400 enviornment.
>
> I have scanned the remote host with the eeye tool Retina - Apache Chunked
> scanner V 1,0,3, which reports the host vulnerable.
>
> It would appear the tool attempts to exploit the vulnerability by
attempting to
> send a small request that makes a vulnerable server to become
unresponsive.
>
> Would I be right to say that this vulnerability is not exploitable on an
RS6000
> platform, given the current exploits in the wild, and the eeye tool is
again
> producing false positives ????????
>
> Any help is very much appreciated.
>
> Thanks in advance.
>
>
> ./Mark
>
>
> PS: SF Bid number = BID 5033
>
>
> --------------------------------------------------------------------------

--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:24 EDT