Vulnerability Development mailing list archives
Re: Another flaw in Apache?
From: Filipe Jorge Marques de Almeida <filipe () rnl ist utl pt>
Date: Sun, 23 Jun 2002 15:03:13 +0100
Don't forget this is not a serious vulnerability in many configurations (if the user already has permission to run cgi scripts without suexec, SSI, etc). On Sat, Jun 22, 2002 at 09:27:48PM -0400, Michal Zalewski wrote:
Check out what you get - file descriptors and other goodies - and perhaps it is a good time to cc: bugtraq or at least Apache guys?;-)
-- Filipe Almeida
Current thread:
- Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Michal Zalewski (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Alexander Yurchenko (Jun 22)
- RE: Another flaw in Apache? Ryan Sweat (Jun 22)
- Re: Another flaw in Apache? Michal Zalewski (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Re: Another flaw in Apache? Filipe Jorge Marques de Almeida (Jun 23)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Message not available
- Re: Another flaw in Apache? Filipe Almeida (Jun 23)
- Re: Another flaw in Apache? Alexander Yurchenko (Jun 23)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Re: Another flaw in Apache? Michal Zalewski (Jun 23)
- Re: Another flaw in Apache? Michal Zalewski (Jun 23)
- Re: Another flaw in Apache? sd (Jun 26)