Penetration Testing mailing list archives
[PEN-TEST] Apache 1.3.12 and mod_rewrite
From: Simon Waters <Simon () wretched demon co uk>
Date: Thu, 7 Dec 2000 18:44:02 +0000
Has anyone seen an exploit using this? I'm recommending 1.3.14 - but would like to know if it is exploitable at the momemt. Client using JServ - and judging from URL an alias is being used to shorten URL's that might be vunerable (If they copied the one in the documentation 8-). I'm assuming that a particular rewrite allows access to inappropriate folders.
Current thread:
- [PEN-TEST] Apache 1.3.12 and mod_rewrite Simon Waters (Dec 10)