I am going up against what looks like a standard Apache install with the following mods: Apache/1.3.22 (unix) mod_perl/1.26 mod_fastcgi mod_ssl/2.8.5 OpenSSL/0.9.6b I am not too experienced with Apache (and IIS is so easy). I have used the test-cgi and printenv scripts to gain some info. My question is, what are the vulnerabilities with the standard install (still has the Apache "Welcome" message)? Do the mods have any exploitable weaknesses? What are the default cgi-bin scripts (are there any)? I was able to use this server as a proxy which got me past their firewall though. :) Sorry for the basic question. Any help would be appreciated. Thanks! -Tim __________________________________ Tim Russo Email: trussoat_private Tel: 617.504.3008 Fax: 781.849.0127 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Dec 14 2001 - 11:55:29 PST