On Thu, Mar 07, 2002 at 12:07:31AM -0500, Sean Davis wrote:
> First, I want to thank everybody who has posted information on this - it's
> something that (for obvious reasons) we don't want on our machines.
> 
> I have a question, however. Does this "virus" only affect Linux hosts?
> I personally do not run Linux, and have not for some time (all the security
> problems being just one of many reasons, but I don't want this to become an
> OS war)
> 
> I run NetBSD. NetBSD has, as an option. Linux binary emulation.
> Now, while I don't think there is any way for this virus to infect any other
> files on your system (that you do not own) unless you are root, how exactly
> is this program getting root?
> 
> Stop me if I'm wrong - but this thread was originally about apache exploits.
> Where is the vulnerability, apache, php, or what?

In this specific case, the exploit is in php (unless I misunderstood the
wulnerability it's about).


-- 
Manuel Bouyer <bouyer@antioche.eu.org>
--