How to own apache.org
Posted by creining | Filed under Security
{} and Hardbeat (handles) have a short writeup on how they got root on the apache.org server. Although this was done back in the year 2000, what makes their accomplishment so interesting is that they used a small series of administrative configuration oversights to work their way to the root account. Those misconfigurations are timeless though, and there’s never a patch 
.
Comments are closed.