A general warning for all [EMAIL PROTECTED] and [EMAIL PROTECTED] subscribers;
>>>>I run several sites using 1.3.29 and came across this page on the net: >>>> >>>> http://secu.zzu.edu.cn/modules.php?name=News&file=article&sid=413 I want to make clear (after misdirecting the last mail intended to close a security report) that there are several malicious "rootkits" being advertised to exploit Apache 1.3.29 or other system services that users should beware of (citation, among others, above.) This "rootkit" roots the box *YOU* use it on, not the Apache server or other system services. Beware of using "rootkits" to perform vulnerability testing, unless you entirely trust the author of the utility. Some of these "rootkits" look entirely innocent, until you note that there is an extra pointer deref in the code that invokes the root hexcode locally, even as it passes to a remote ip connection (with no ill effect or reaction on the remote box whatsoever.) Bill
