[7600] in bugtraq
Re: Debian Apache Security Update
daemon@ATHENA.MIT.EDU (Dag-Erling Coidan =?iso-8859-1?Q?S)
Mon Aug 10 18:04:33 1998
Date: Mon, 10 Aug 1998 23:01:08 +0200
Reply-To: Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= <dag-erli@IFI.UIO.NO>
From: Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= <dag-erli@IFI.UIO.NO>
X-To: Johnie Ingram <johnie@NETGOD.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Johnie Ingram's message of "Sat, 8 Aug 1998 00:53:00 -0400"
Johnie Ingram <johnie@NETGOD.NET> writes:
> A security problem has been found in apache. It allows users to cras=
h
> the webserver from a remote system, and should be fixed as soon as
> possible.
> [...]
> Thanks to Dag-Erling Sm=81=F8rgrav for finding this bug, and Ben Laur=
ie for
> fixing it.
I didn't find it, I just wrote the script. Mark Huizer found it
(though he incorrectly blamed it on setenv())
DES
--
Dag-Erling Sm=F8rgrav - dag-erli@ifi.uio.no
