About Archive Tags RSS Feed


Apache2 update

25 June 2005 21:50

Apache have now fixed the security bug I reported in Apache2's mod_cgid a few days ago.

Because it requires that an attacker have write access to the httpd.conf file it's not a real security bug. Unfortunately.

As such there's no CVE ID, or likely to be any vendor updates.

| No comments