You wrote in linux.debian.security:

> Someone used this bug to attack my system...
> My advice to all phpix users...chmod 700 /var/www/phpix
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=229794
>

Sorry, I don't see any root exploit here. phpix runs with the uid of the webserver or via suexec. And I mean that the Debian apache doesn't run as root (uid 0).

"Synnergy has recently discovered a flaw within PHPix that allows a remote user to traverse a directory as a request to the script using the $mode=album&album=_some_dir_variable. It is then possible to read any file or folder's contents with privileges as the httpd."

So which root exploit? If you have configured your PHP and permissions right, using quota and so on (all these things are a must on a webserver), the server is not in trouble, only the user which runs this script.

Ruben

--
Ruben Puettmann
[EMAIL PROTECTED]
http://www.puettmann.net