Don't forget this is not a serious vulnerability in many configurations (if the user already has permission to run cgi scripts without suexec, SSI, etc). On Sat, Jun 22, 2002 at 09:27:48PM -0400, Michal Zalewski wrote: > Check out what you get - file descriptors and other goodies - and perhaps > it is a good time to cc: bugtraq or at least Apache guys?;-) -- Filipe Almeida
This archive was generated by hypermail 2b30 : Sun Jun 23 2002 - 08:56:11 PDT