[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#517377: apache 1.3 shows perl script source in iphone-browser

Package: apache
Version: 1.3.34-4.1+etch1
Severity: grave

When a script called "index.cgi" is the directory-index in apache 1.3
and this script is accessed using the iphone browser, apache shows the
script source of the perl script, even if the perl script is correctly
being executed when accessed with any other browser.

This might expose passwords and might be a severe security issue.

I am using Debian GNU/Linux 4.0 Etch, kernel 2.6.18-6-vserver-686

Reply to: