httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <>
Subject Lotus Domino server vulnerable
Date Thu, 22 Jan 1998 07:13:03 GMT

The short of it: having config files under your document root is bad.
Making them editable through the site is even worse!

I like this:

> The hole can be exploited in curious ways. At one
> vulnerable site, NBC Sports, a cracker could view the
> list of names for all customers who registered for
> the site's sweepstakes. 


"Optimism is a strategy for making               
a better future." - Noam Chomsky              

View raw message