Re: [SECURITY] [DSA-594-1] New Apache packages fix arbitrary code execution

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA-594-1] New Apache packages fix arbitrary code execution
From: Bernd Eckenfels <ecki-news2004-05@lina.inka.de>
Date: Thu, 18 Nov 2004 11:25:51 +0100
Message-id: <E1CUjU7-0005Hf-00@calista.eckenfels.6bone.ka-ip.net>
In-reply-to: <20041118012628.GA25576@mail.braingia.org>

In article <20041118012628.GA25576@mail.braingia.org> you wrote:
> If I'm not mistaken the vulnerabilities existed in two files found in
> apache-common.

Does anybody know why the Vuln is classified as a remote exploit? Arent SSI
tags dependend on local modifications? Or are there tags which can be remote
exploited, if used.

Gruss
Bernd

Reply to:

References:
- Re: [SECURITY] [DSA-594-1] New Apache packages fix arbitrary code execution
  - From: Steve Suehring <dsec@braingia.org>

Prev by Date: Re: [SECURITY] [DSA-594-1] New Apache packages fix arbitrary code execution
Next by Date: Matthias Sutter ist außer Haus. [Virus scanned]
Previous by thread: Re: [SECURITY] [DSA-594-1] New Apache packages fix arbitrary code execution
Next by thread: Matthias Sutter ist außer Haus. [Virus scanned]
Index(es):
- Date
- Thread