httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@aaaaaaaa.demon.co.uk>
Subject Re: util.c hole and speed of security patch release
Date Mon, 22 Apr 1996 23:42:09 GMT
> Andy, maybe netcraft would be interested in pinging Apache/NCSA sites
> for the old phf hole.
> 
> Even had we removed/replaced phf in a new Apache, the sites which
> have installed it would not have been helped.. people don't clean
> out their CGI dirs once they've created them.

Clearly it's not impossible to find the sites effected.  NC have
contacted NCSA/1.3 users in the past with reference to the old
stack-overwriting bug.

We'll see.

> rob

Ay.

Mime
View raw message