This bug has already been mentioned on the public mailing list for Apache which is here = http://groups.yahoo.com/group/new-httpd/message/36545 as we can see it was on Date: Tue May 28, 2002 5:22 pm. and the bug is fixed in CVS for Apache 2.0 this advisory is rather in form of a uniformed and questionable advisory. Surely ISS will get a lot of press for that. =) oh and Apache 1.3.26 and 2.0.39 are released, These versions are both security and bug-fix releases. You can download them from: http://www.apache.org/dist/httpd/ Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with email@yourgroup.org by Everyone.net http://www.everyone.net/?btn=tag
