Re: Hijacking Apache 2 via mod_perl

To: Steve Grubb <linux_4ever@xxxxxxxxx>
Subject: Re: Hijacking Apache 2 via mod_perl
From: Ben Laurie <ben@xxxxxxxxxxxxx>
Date: Thu, 22 Jan 2004 15:53:01 +0000
Cc: bugtraq@xxxxxxxxxxxxxxxxx, httpd security <security@xxxxxxxxxxxxxxxx>
In-reply-to: <20040121225333.27880.qmail@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20040121225333.27880.qmail@xxxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4

Steve Grubb wrote:

Product:         mod_perl
Versions:        1.99_09 / apache 2.0.47
URL:             http://perl.apache.org
Impact:          Daemon Hijacking
Bug class:       Leaked Descriptor
Vendor notified: Yes
Fix available:   No
Date:            01/21/04

Issue:

======
Mod_perl under apache 2.0.x leaks critical file descriptors that can be used to 
takeover (hijack) the http and https services.

This is not a leak - mod_perl is a module that is compiled into Apache,and hence has access to all its resources (including memory). If youwant to run untrusted Perl, then don't use mod_perl.


Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Follow-Ups:
- Re[2]: Hijacking Apache 2 via mod_perl
  - From: 3APA3A

References:
- Hijacking Apache 2 via mod_perl
  - From: Steve Grubb

Prev by Date: yet another new phising scam
Next by Date: Re: Paper announcement: Is finding security holes a good idea?
Previous by thread: Hijacking Apache 2 via mod_perl
Next by thread: Re[2]: Hijacking Apache 2 via mod_perl
Index(es):
- Date
- Thread