httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Malo ...@perlig.de>
Subject Re: [Fwd: Apache httpd vulenrabilities]
Date Tue, 29 May 2007 21:17:21 GMT
* Ian Holsman wrote:

> Hey Bill
>
> just to clarify these are LOCAL DoS attacks? ie you need access to the
> machine (or the ability to execute php) in order for this to be an issue?

Well, if your PHP script (running on mod_php) allows code injection, it's 
also remotely exploitable. Untrusted code should not be run with mod_php, 
though.

nd
-- 
sub the($){+shift} sub answer (){ord q
        [* It is always 42! *]       }
           print the answer
# André Malo # http://pub.perlig.de/ #

Mime
View raw message