On Jan 23, 2008 12:39 PM, Lindsay Hausner <lindsay.hausner@xxxxxxxxxx> wrote: > > FYI > > http://www.securitytracker.com/alerts/2008/Jan/1019256.html What's your point? The Apache httpd developers don't consider this a vulnerability because it can only be exploited if you can write arbitrary filenames to the server's file-system. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|