| VID |
22271 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Apache web server appears to be running the mod_rootme module.
This 'mod_rootme' module silently allows a user to gain a root shell access to the remote system via a simple GET HTTP request(GET root HTTP/1.0) without any logging. It is a very cool module that sets up a backdoor inside of Apache.
* References:
http://www.packetstormsecurity.org/filedesc/mod_rootme-0.2.html
* Platforms Affected:
Apache Web server Any version
Unix Any version
Linux Any version |
| Recommendation |
Remove the mod_rootme module from the Apache web server by removing the mod_rootme module from httpd.conf/modules.conf. |
| Related URL |
CVE-1999-0660 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
