IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Security Forum / Your recall is very good...
Post #43,098
by folkert
Picture of folkert
6/20/02 11:22:29 PM
Reply
New Your recall is very good...
I am on about a ka-jillion Security alerting mailing lists...

I seems to recall the same things about it _being_ when Apache being on Windows and being *POSSIBLE* on 64-bit architectures...

Would that mean... if you cluster two 32-bit machines ... does that count???
greg, curley95@attbi.com -- REMEMBER ED CURRY!!!
Post #43,100
by ben_tilly
6/20/02 11:28:34 PM
Reply
New Not the way I remember it
The story that I remember is that on *nix the exploit had you trying to access an address over 2 GB. On 32-bit platforms that is an illegal thing to do, core dump you bad boy. On 64-bit platforms that is legal, but unless you are using 64-bit pointers and your Apache kid is addressing more than 2 GB, that will be an illegal address again. In that miniscule remaining case, execute something, which (unless someone can come up with something I didn't hear about) you have no control over, which therefore is likely to segfault almost immediately anyways.

Cheers,
Ben
"... I couldn't see how anyone could be educated by this self-propagating system in which people pass exams, teach others to pass exams, but nobody knows anything."
--Richard Feynman
     Apache holed, fixed - (kmself) - (5) - June 20, 2002, 10:05:52 PM EDT
         Reference on remote compromise? - (ben_tilly) - (4) - June 20, 2002, 10:34:20 PM EDT
             Your recall is very good... - (folkert) - (1) - June 20, 2002, 11:22:29 PM EDT
                 Not the way I remember it - (ben_tilly) - June 20, 2002, 11:28:34 PM EDT
             Gobbles Gobbles - (kmself) - (1) - June 21, 2002, 01:55:33 AM EDT
                 Ouch - (ben_tilly) - June 21, 2002, 06:17:45 AM EDT

You're pretending to think.
55 ms