httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Effenberger <flo...@arcor.de>
Subject mod_cgi: please have a look at this feature request
Date Mon, 24 May 2004 12:22:29 GMT
Hello there,

I hope this is the right place to propose feature requests. If not, 
please correct me. ;-)

Everyone involved in mod_cgi, please have a look at this bug:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=29122

It is about mod_cgi checking for certain conditions before forking the 
child. I consider it a SERIOUS SECURITY RISK because severs can easily 
get vulnerable to DoS attacks by running huge CGI scripts (e.g. PHP as CGI).

Thanks for taking the time.

	-- florian

Mime
View raw message