Re: [users@httpd] Help required for security vulnerabilities in 1.3.29

[syona m]

I understood what you had explained but still I wanna test it to see whether my application is impacted. I am looking for steps in which I can test whether this vulnerability is exposed at my server.

Joshua Slive <[EMAIL PROTECTED]> wrote:

On 11/29/05, syona m <[EMAIL PROTECTED]>wrote:
> Thanks for the help Joshua
>
> Can anyone suggest me how can I test whether my server is impacted by the
> escape sequence vulnerability
> " The target is running an Apache web server which allows for the injection
> of arbitrary escape sequences into its error logs. An attacker might use
> this vulnerability in an attempt to exploit similar vulnerabilities in
> terminal emulators. "

I thought I already explained that: this is a very minor security
issue and will only affect you if you view raw log files at the
terminal using a vulnerable terminal emulator. So just don't view raw
log files at the terminal and you are fine.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

---

Yahoo! Music Unlimited - Access over 1 million songs. Try it free.