Full Disclosure mailing list archives
Re: formatfun
From: Marcus Meissner <meissner () suse de>
Date: Mon, 27 Mar 2006 15:21:48 +0200
On Fri, Mar 24, 2006 at 05:51:04PM +0100, kcope wrote:
Hello, mod_ssl: /httpd-2.0.48/modules/ssl/ssl_engine_kernel.c (also in 2.0.55) proto: ap_log_error(constchar*file,intline,intlevel,apr_status_tstatus,constserver_rec*s,constchar*fmt,...) code: ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, buff); is this exploitable?
Not considered exploitable by the Apache team. http://issues.apache.org/bugzilla/show_bug.cgi?id=30585 Ciao, Marcus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- formatfun kcope (Mar 24)
- Re: formatfun Marcus Meissner (Mar 27)