On 11/29/05, syona m <syona2k@xxxxxxxxx> wrote: > Thanks for the help Joshua > > Can anyone suggest me how can I test whether my server is impacted by the > escape sequence vulnerability > " The target is running an Apache web server which allows for the injection > of arbitrary escape sequences into its error logs. An attacker might use > this vulnerability in an attempt to exploit similar vulnerabilities in > terminal emulators. " I thought I already explained that: this is a very minor security issue and will only affect you if you view raw log files at the terminal using a vulnerable terminal emulator. So just don't view raw log files at the terminal and you are fine. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|