httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 35594] New: - I found exploit on apache server
Date Mon, 04 Jul 2005 06:34:06 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=35594>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=35594

           Summary: I found exploit on apache server
           Product: Apache httpd-2.0
           Version: 2.1-HEAD
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P3
         Component: All
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: michaelchikit@gmail.com


Hi,
  We are using apache 2.0. We found someone exploit apache server. Someone
inject some html under our web root.
  I have checked those is created by apache user and owned apache user.
Moreover, we have any script to allow to upload file to that direcotry.

Regards,
Michael

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message