Slashdot Mirror


$16,000 Bounty for Sendmail, Apache Zero-Day Flaws

Famestay writes "Verisign's iDefense is putting up a $16,000 prize for any hacker who can find a remotely exploitable vulnerability in six critical Internet infrastructure applications. The bounty is for a zero-day code execution hole on the following Internet infrastructure technologies: Apache httpd, Berkeley Internet Name Domain (BIND) daemon, Sendmail SMTP daemon, OpenSSH sshd, Microsoft Internet Information (IIS) Server and Microsoft Exchange Server. 'Immunity founder Dave Aitel, who also purchases flaws and exploits for use in the CANVAS pen testing tool, says it's doubtful iDefense will get any submissions from hackers. "It's very hard to exploit [those listed applications]," Aitel said. "IIS 6 hasn't had a public remotely exploitable bug in it. Ever." Several other hackers I spoke to had very much the same message, arguing that $16,000 can never equate to the amount of work/expertise required to find and exploit a hole in the six targeted technologies.'"

4 of 173 comments

  1. Re:IIS 6 by toadlife · Score: 0, Troll

    I cannot remember a time I couldn't do /etc/init.d/apache reload (or whatever the init.d file for your apache install is called). Yes. And...
    /etc/init.d/apache reload
    ...is the equivalent of...
    /etc/init.d/apache stop && /etc/init.d/apache start
    --
    I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
  2. Re:Bragging All the Way to the Poor House by RightSaidFred99 · Score: 0, Troll

    Uhh, wow. Dumbest. Post. Ever. Every one of your points is just silly. You act as though they should just offer up money for any old exploit, then you go through an inane exercise to address their points with your own asinine play by play. I want the 30 seconds of my life it took to dismiss this post as being retarded back.

  3. Re:IIS 6 by toadlife · Score: 0, Troll

    No, that would be '/etc/init.d/apache restart'.

    Reload keeps Apache running. No. It doesn't.
    On some init.d scripts I've seen for apache 'restart' simply calls '$0 reload' or vice versa. Either way httpd must be stopped and started to read the config file again.

    Log onto one of your Apache servers and look at the /etc/init.d/apache script if you don't believe me.
    --
    I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
  4. Re:Oh Great by Evets · Score: 0, Troll

    You are plainly wrong, and frankly it's not worth arguing about any more.

    Your comment history shows an uncanny bias towards Microsoft products in defiance of logic. So what are you, an MS employed astroturfer or a fanboi?