From owner-freebsd-security Wed Feb 27 7:50:32 2002
Delivered-To: freebsd-security@freebsd.org
Received: from skip-ext.ab.videon.ca (skip-ext.ab.videon.ca [206.75.216.36]) by hub.freebsd.org (Postfix) with SMTP id 49AD837B405 for ; Wed, 27 Feb 2002 07:50:08 -0800 (PST)
Received: (qmail 12074 invoked from network); 27 Feb 2002 15:50:07 -0000
Received: from unknown (HELO e6943cy62k081) ([204.209.209.205]) (envelope-sender ) by skip-ext.ab.videon.ca (qmail-ldap-1.03) with SMTP for ; 27 Feb 2002 15:50:07 -0000
Message-ID: <07cb01c1bfa6$d1c99550$3531000a@shaw.ca>
From: "Laurence Brockman"
To: , ,
References:
Subject: Re: HEADS UP: Security Alert For Apache / PHP Webservers
Date: Wed, 27 Feb 2002 08:52:54 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

Just another heads up as well. Lately on a lot of security lists there is a lot of disinformation being posted. On Security Focus lists there have even been "exploits" posted that in reality are trojans that will open up a root shell on unsuspecting users.

So far I have seen these so-called advisories (or really rumours of vulnerabilities) for Apache, SSH2 (later versions), BIND and SNMPD (UCD-SNMP ver 4.2.2 I think, or ver 4.2.1). Now the SNMPD advisory is real, but the exploits that have been released aren't.

So again, be careful with what you believe and run from these lists (as you should always be)...

See the following from Blue Boar of the Vuln-Dev list:

http://online.securityfocus.com/archive/82/258445

Thanks,

Laurence

----- Original Message -----
From: "Van Beerschoten, Stephan"
To: ; ;
Sent: Wednesday, February 27, 2002 7:14 AM
Subject: FW: HEADS UP: Security Alert For Apache / PHP Webservers

> I usually don't mail from my corporate account, but this needs some fast
> fixing on almost all FreeBSD/apache/php servers.
>
> -Stephan

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message