httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Tromey <tro...@creche.cygnus.com>
Subject Re: security hole. bluff?
Date Mon, 22 Apr 1996 18:01:27 GMT
Rob> has anyone yet seen an example of how to exploit the recent
Rob> security "hole"?

I saw a note on comp.infosystems.www.servers.unix that indicated that
there was no way to exploit the hole.  The message said that the
reason \n should be escaped is for poorly-written CGIs.  The author
said he had talked to the originator of the report...

I have no idea if this bears any relation to reality.

Tom
-- 
tromey@cygnus.com                 Member, League for Programming Freedom

Mime
View raw message