From owner-freebsd-security  Wed Nov 20  2:30:11 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 83D7C37B401
	for <freebsd-security@freebsd.org>; Wed, 20 Nov 2002 02:30:08 -0800 (PST)
Received: from bluetavern.com (naphtali.bluetavern.com [216.113.197.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1ADF343E3B
	for <freebsd-security@freebsd.org>; Wed, 20 Nov 2002 02:30:08 -0800 (PST)
	(envelope-from david@davidfuchs.ca)
Received: from naphtali.bluetavern.com ([216.113.197.10] helo=davidfuchs.ca)
	by bluetavern.com with esmtp (Exim 3.34 #1)
	id 18ES5t-000BHF-00
	for freebsd-security@freebsd.org; Wed, 20 Nov 2002 02:28:29 -0800
Message-ID: <3DDB6437.2000200@davidfuchs.ca>
Date: Wed, 20 Nov 2002 02:30:15 -0800
From: David Fuchs <david@davidfuchs.ca>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: FreeBSD-Security <freebsd-security@freebsd.org>
Subject: Re: Some issue apache security
References: <20021120085536.GA96715@kumprang.or.id>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hello,

   Yes, it is possible that vulnerabilities in Apache 1.3.23 could allow 
a malicious user to execute arbitrary commands.  Check the following URL 
for related information on Apache security issues:

   http://www.apacheweek.com/features/security-13

-David Fuchs

budsz wrote:

>Hi,
>
>I  FreeBSD 4.3 Release, with Apache 1.3.23, is't bug apache will give
>someone login to console?
>
>Thanks
>
>  
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message