On Tue, 5 Mar 2002, Benjamin Scott <[EMAIL PROTECTED]> wrote: > > My understanding is that this hole does not lead directly to privilege > elevation. In other words, it might lead to compromise of the "nobody" > account or similar, but not full root access (like CodeRed). Am I correct > here?
I believe you are correct. I am just talking about the bad PR aspect of this vulnerability leading to a fast-spreading worm. Certainly from a site administrators point of view a remote root compromise would be much worse. An amusing statistic to know would be what fraction of the ~9 million apache servers are misconfigured and running at elevated privileges, e.g. root :-) > (I am aware of the amount of damage even an unprivileged user can do, and > that root compromise is generally a short step away from an unprivileged > compromise, but I want to make sure my understanding of this PHP hole itself > is correct.) Right, I suppose the worm writer could leave a backdoor program running that would yield a shell as "nobody" for hackers to scan for come in trying to capture root. Not a warm thought: now all the local root compromises become remote ones... ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
