httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 49623] CVE-2003-1418 - all httpd versions seem to expose inode values in FileEtag
Date Thu, 01 Sep 2011 21:21:54 GMT

--- Comment #1 from William A. Rowe Jr. <> 2011-09-01 21:21:54 UTC ---
Please provide a citation of how possessing an arbitrary identifier, the inode,
represents either a local or remote exploit?

No, not the respective validation test that is failing, but an actual citation 
w.r.t. the value of an inode to exploiting a machine.  Validation vendors are
famous for not actually probing for vulnerabilities, but regurgitating them
based on version numbers.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message