[Full-Disclosure] Re: Remote root exploit for mod_gzip (with debug_mode)
Schmehl, Paul L
pauls at utdallas.edu
Thu Nov 20 23:31:19 GMT 2003
> -----Original Message-----
> From: full-disclosure-admin at lists.netsys.com
> [mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of
> Ron DuFresne
> Sent: Thursday, November 20, 2003 4:18 PM
> To: Ben Nelson
> Cc: martin f krafft; full-disclosure at lists.netsys.com
> Subject: Re: [Full-Disclosure] Re: Remote root exploit for
> mod_gzip (with debug_mode)
> What user does apache run as under windows deployments?
LOCALSYSTEM, which has no network privileges.
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
Full-Disclosure is hosted and sponsored by Secunia.