Apache2 update

Saturday, 25 June 2005

Apache have now fixed the security bug I reported in Apache2’s mod_cgid a few days ago.

Because it requires that an attacker have write access to the httpd.conf file it’s not a real security bug. Unfortunately.

As such there’s no CVE ID, or likely to be any vendor updates.

| No comments



Recent Posts

Recent Tags