Re: [users@httpd] Help required for security vulnerabilities in 1.3.29

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I understood what you had explained but still I wanna test it to see whether my application is impacted. I am looking for steps in which I can test whether this vulnerability is exposed at my server.

Joshua Slive <jslive@xxxxxxxxx> wrote:
On 11/29/05, syona m wrote:
> Thanks for the help Joshua
>
> Can anyone suggest me how can I test whether my server is impacted by the
> escape sequence vulnerability
> " The target is running an Apache web server which allows for the injection
> of arbitrary escape sequences into its error logs. An attacker might use
> this vulnerability in an attempt to exploit similar vulnerabilities in
> terminal emulators. "

I thought I already explained that: this is a very minor security
issue and will only affect you if you view raw log files at the
terminal using a vulnerable terminal emulator. So just don't view raw
log files at the terminal and you are fine.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



Yahoo! Music Unlimited - Access over 1 million songs. Try it free.
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux