> Tested to be vulnerable to the hex-encoded dot dot bug are: > Perl Web Server v0.3 Do we really need to be seeing advisories on alpha versions of software that is under active development? This is hardly a production-quality application and even their own download statistics show that its distribution has been very limited. Furthermore, I don't see a bug report entry in their SourceForge project. You did report this to them before you sent it to BugTraq, yes? David
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 02:05:31 PDT