[Dshield] Server side scripts viewing in Goahead webserver <= 2.1.7

Johannes B. Ullrich jullrich at sans.org
Wed Dec 17 18:49:39 GMT 2003


On Wed, 2003-12-17 at 12:06, John Hardin wrote:
> Johannes: approve this only if you agree. Thanks.

Sorry John (and list). I didn't read the post careful
enough in the admin interface.

I don't agree. These vulnerability notices are 'on topic'.
The charter of the list allows security related postings.
These vulnerability announcements are security related. 

I am not even stating "non commercial", in particular as this
is sometimes a difficult line to draw.

However, if you feel that this post was not necessary, feel
free to tell the poster (or me). If there is a consensus against
vulnerability announcement, I will stop approving them.

I know its a pain to get dozens of copies of an announcement 
which isn't all that significant to begin with. Without reading
the details, I assume that "Go Ahead Web Server" is one of these
packages which isn't exactly "in widespread use". But then again,
I am not in a position to evaluate this.

I try to keep this mailing list as open as possible. There are
very few posts I reject. As seen in this example, posts are
frequently approved by looking at the subject and the 'From'
address. Not the best practice (and I will force myself to
be more diligent)

Also: If I reject a post, and you feel that it was rejected in error,
just repost with a note indicating that you would like to have it posted
despite the initial reject. 


-- 
CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 786 1563            
  fax: (617) 786 1550                          jullrich at sans.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20031217/86d6194d/attachment.bin


More information about the list mailing list