httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff White" <jlw...@earthlink.net>
Subject Re: [users@httpd] Sources for known Apache2 Exploits
Date Wed, 12 Jan 2005 20:12:20 GMT

From: "Joshua Slive"

>> I've been looking at similar offerings on Google to satisfy my own
>> curiosity. Have found the following, but not found a specific
>> website. Any
>> further info anyone has got, lets have it!
>>
>> http://blogs.msdn.com/michael_howard/archive/2004/10/15/242966.aspx

FYI

The above is "reported"
trouble comparing
IIS6 vs Apache2.

Apache2 also uses
OpenSSL and APR
(and others).

IIS6 vs Apache1.3
and
IIS6 vs OpenSSL
http://blogs.msdn.com/michael_howard/archive/2004/10/18/244181.aspx

>
> A couple clicks from the apache http server home page will get you
> here:
> http://www.apacheweek.com/features/security-20
> That list is authoritative.

But only for "outside"
reported "troubles"!

What happens if one
reports a really "bad
one" straight to Apache?

Perhaps the OP needs
a link to Apache2's full
"list"?

Jeff




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message