[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: DAV



On Thu, Oct 07, 2004 at 07:58:20PM +0100, Joe Orton wrote:
> It's not CGI scripts which is the issue, the issue is whether or not an
> OpenSSL buffer overflow gives you remote root or just the privileges of
> the "apache" user as it currently does.

That would be a problem yes. You'd end up with apache able to  access any
files in the system. I guess mod_webdav should never have been mod_


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]