[Dshield] Uploads to Apache
David Cary Hart
DavidHart at TQMcube.com
Fri Jan 7 14:17:27 GMT 2005
On Thu, 2005-01-06 at 16:18 -0800, Jim Race wrote:
> It all depends on how you implemented it, and what limits you placed on it.
> Since you didn't tell us any of that, I'll assume you don't know how it
> occured and say "Yes, it compromises security."
I agree. Sometimes (some people would suggest "often") I do not know
what I do not know. Johannes thoughtfully responded off list and pointed
out the potential for someone to upload and then activate a php exploit
if the upload is accessible. While the upload area is obscure it was not
immune. It's now gone until I rethink and rewrite the PHP.
Total Quality Management - A Commitment to Excellence
More information about the list