Re: Some issue apache security

From: David Fuchs (david@davidfuchs.ca)
Date: 11/20/02

Next message: Marcin M. Jessa: "VPN and roaming Windows 2K clients"
Previous message: budsz: "Some issue apache security"
In reply to: budsz: "Some issue apache security"
Next in thread: budsz: "Re: Some issue apache security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 20 Nov 2002 02:30:15 -0800
From: David Fuchs <david@davidfuchs.ca>
To: FreeBSD-Security <freebsd-security@freebsd.org>

Hello,

Yes, it is possible that vulnerabilities in Apache 1.3.23 could allow
a malicious user to execute arbitrary commands. Check the following URL
for related information on Apache security issues:

http://www.apacheweek.com/features/security-13

-David Fuchs

budsz wrote:

>Hi,
>
>I FreeBSD 4.3 Release, with Apache 1.3.23, is't bug apache will give
>someone login to console?
>
>Thanks
>
>
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Next message: Marcin M. Jessa: "VPN and roaming Windows 2K clients"
Previous message: budsz: "Some issue apache security"
In reply to: budsz: "Some issue apache security"
Next in thread: budsz: "Re: Some issue apache security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Apache question
... I have to configure www virtual hosts under Apache ... so I can't specify properly permissions due to UNIX file security. ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)
Re: Scans of port 2002 - globe service
... possibly kicked off by the apache worm. ... > the hosts I checked using Netcraft were running some ... > Computer Support Services | Network HW & Protocols ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)
Re: Apache question
... What exactly do you mean when you say that virtual hosts must have "no access to ... > I have to configure www virtual hosts under Apache ... > so I can't specify properly permissions due to UNIX file security. ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)
RE: Apache issues
... >exist in apache 2 also. ... I'm already seeing http processes exiting with signal 8 in my ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)
apache mod_ssl ?
... do I need to worry about apache with mod_ssl? ... there parts that are statically compiled using openSSL? ... with "unsubscribe freebsd-security" in the body of the message ...
(FreeBSD-Security)