httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: (Fwd) CIAC Bulletin G-20: Vulnerability in NCSA and Apache htt (fwd)
Date Fri, 19 Apr 1996 16:29:41 GMT
Dean Gaudet wrote:
> 
> In article <9604191441.aa06992@gonzo.ben.algroup.co.uk> you write:
> >(Forwarded from ssl-users) ... I have applied the patch to 1.1.
> 
> Anyone know what signature we should look for in the access logs to
> check for people abusing this hole?  I'm assuming %0A is one.

I thnk that is the only one (unless there is some other way to include a
newline character). Certainly it is the only one the patch fixes.

Cheers,

Ben.

> 
> Dean

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message