Post Thu Apr 11, 2013 10:27 am

Searching for apache 1.3.x remote code execution exploits

Hello, I link to my previous topic to ask you if you know some other weakness of this apache version who could lead to remote code execution on a windows xp platform or a "modern" linux distribution (some distribution I can still download).
I'm already trying to exploit the chunked encoding, but I'd like to find more.

My objective is to inject into apache source code some monitoring code, in order to discover if an attack is in place so binaries versions are not good or at least I have to be able to replicate the weakness by compiling the apache source code myself.