www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ulrich Babiak <ubab...@no_Sp*m_WaNted.netcologne.de>
Subject general/2223: CGI mime-type included by default
Date Wed, 13 May 1998 09:27:29 GMT

>Number:         2223
>Category:       general
>Synopsis:       CGI mime-type included by default
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Wed May 13 02:30:00 PDT 1998
>Last-Modified:
>Originator:     ubabiak@no_Sp*m_WaNted.netcologne.de
>Organization:
apache
>Release:        1.3.b6
>Environment:
This suggestion concerns every platform
>Description:
The new mime.types file in the 1.3-Distribution includes the
"application/x-httpd-cgi         cgi"
entry. If user home directories are allowed, then this might lead
to unwanted cgi execution by any user.
>How-To-Repeat:

>Fix:
remove "application/x-httpd-cgi         cgi" from default mime.types file
in distribution
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]




Mime
View raw message