I'd like to mention that the patch I gave a few days ago (in the "WWWBoard Vulnerability" posting), also protects against other bogus followup errors (whereas, w/o the patch, somebody using the exploit script, or just a form, could post w/ an followup value of for instance "44,blah", and the script would create a file called blah.html.) Although the file created when doing that is empty, it will not show up in the "WWWAdmin" script, other than that, there isn't any problem I've yet found with that. Samuel Sparling
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:22:48 PDT