[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] SSI Vuln on cobalt

Subject: Re: [cobalt-security] SSI Vuln on cobalt
From: Craig St George <craig@xxxxxxxxxxxxx>
Date: Mon, 22 Apr 2002 13:41:26 +1200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I found I could turn of exc option but then you get the problem with the

htaccess allowoveride all on frontpage sites as they can just turn it backon in there





At 01:18 PM 22/4/02, you wrote:

That does not fix the hole!


At 03:24 PM 4/21/2002, you wrote:
On Sunday 21 April 2002 05:06 pm, Brett Wright wrote:
> >Hi list
> >
> >
> >SSI pages run as the web user... so if I made a page "iseethis.shtml"with
> >the source:

References:
- Re: [cobalt-security] SSI Vuln on cobalt
  - From: Paul Jacobs

Prev by Date: Re: [cobalt-security] Re: SSI Vuln on cobalt
Next by Date: Re: [cobalt-security] Re: SSI Vuln on cobalt
Previous by thread: Re: [cobalt-security] SSI Vuln on cobalt
Next by thread: [cobalt-security] SSI Vuln on cobalt

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index