On Thu, Mar 07, 2002 at 08:46:29PM +0100, Manuel Bouyer wrote:
> On Thu, Mar 07, 2002 at 12:07:31AM -0500, Sean Davis wrote:
> > First, I want to thank everybody who has posted information on this - it's
> > something that (for obvious reasons) we don't want on our machines.
> > 
> > I have a question, however. Does this "virus" only affect Linux hosts?
> > I personally do not run Linux, and have not for some time (all the security
> > problems being just one of many reasons, but I don't want this to become an
> > OS war)
> > 
> > I run NetBSD. NetBSD has, as an option. Linux binary emulation.
> > Now, while I don't think there is any way for this virus to infect any other
> > files on your system (that you do not own) unless you are root, how exactly
> > is this program getting root?
> > 
> > Stop me if I'm wrong - but this thread was originally about apache exploits.
> > Where is the vulnerability, apache, php, or what?
> 
> In this specific case, the exploit is in php (unless I misunderstood the
> wulnerability it's about).
> 

I think the vulnerability in question is in PHP. Is the version of PHP4 in
NetBSD pkgsrc fixed? I've disabled php in apache since I don't use it much
anyway, but I'd feel a lot better about re-enabling it if I knew it was no
longer an issue.

-- 
/~\ The ASCII                         Sean Davis
\ / Ribbon Campaign                    aka dive
 X  Against HTML
/ \ Email!               http://eros.endersgame.net:8000/~dive