Vulnerability Development mailing list archives
Re: CGI source being exposed using "~"
From: dave () NRMAIL COM (David Augros)
Date: Tue, 9 May 2000 09:14:50 -0400
Another thing you can do to prevent this is add script handlers for the backup extensions (if you use file extensions to tell apache what is a cgi script). In httpd.conf, add the line: AddHandler cgi-script .cgi .cgi~ Then, if a browser requests the backup file, the server will just execute the older version of the script, which in most cases is probably preferable to having the source code displayed. -- Dave
Current thread:
- really fast data, (continued)
- really fast data Ogrodnek, Larry (May 10)
- Re: Alternative ways of IP spoofing? Doru Petrescu (May 10)
- AIM & VPN jeff D (May 10)
- Re: AIM & VPN Jeremy Gaddis (May 10)
- Re: AIM & VPN Bluefish (May 11)
- Re: AIM & VPN Matthew S. Hallacy (May 12)
- Norton Internet Security 2000 Jon Alabot (May 10)
- Re: CGI source being exposed using "~" Jason Legate (May 09)
- Re: CGI source being exposed using "~" Mike Waychison (May 09)
- Re: CGI source being exposed using "~" Oystein Viggen (May 09)
- Re: CGI source being exposed using "~" David Augros (May 09)