I have a Apache 2.2.3 running on an Ubuntu Feisty server (kernel 2.6.20). I just ran a Nessus 3 scan on the system that reports a "hole": "It was possible to freeze or reboot Windows by reading a MS/DOS device through HTTP, using a file name like CON\CON, AUX.htm or AUX." "Solution: upgrade your system or use a HTTP server that filters those names out." Could someone please point me in the correct direction to close this "hole"? Thanks, David --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|