httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <>
Subject Yahoo hacked, rumor blames old apache
Date Fri, 12 Dec 1997 00:19:29 GMT
>Approved-By: aleph1@UNDERGROUND.ORG
>X-Authentication-Warning: nobody@localhost didn't use
>                         HELO protocol
>X-Mailer: Web.Box v1.0b1 by Thomas =?UNKNOWN-8BIT?Q?Str=F6mberg?=
>X-Mailed-From: @ from
>Date: 	Wed, 10 Dec 1997 23:27:43 +0000
>Reply-To: dev.random@DEV.RANDOM.NU
>Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
>From: Thomas Stromberg <dev.random@DEV.RANDOM.NU>
>Subject:      Re: Yahoo hacked
> >    The real question, that will probably remain unanwsered, is what was
> > the hole? The top choise on the list is DNS chache poissoning to redirect
> > Yahoo's homepage to some other web server, but that does not mix well with
> > the statement that Yahoo was able to fix the problem after they realized
> > what was going on.
> >
>There is speculation (though no confirmation, everyone at Yahoo!,
including Filo, have been keeping this hush-hush) that it Yahoo!'s
webserver is built on an old version of Apache and in the process they
might have neglected to patch one of the known holes from the older
versions of Apache.
>In any case, word has supposedly come from someone at Yahoo that this
exploit does not effect other FreeBSD hosts. So whether its a case of a
modified buggy version of Apache, or some poorly written CGI's (possibly
remote administration ones?) remains to be seen.
>thomas "devrandom" stromberg
>sysadmin @ royal institute of technology.
"it's a big world, with lots of records to play." - sig

View raw message