[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apache/mod_include/SSI/CAN-2004-0940



I am trying to find out how a machine was compromised - and know that we
have strange SSI entries in the log. Is there any chance that the fix from
the original:

	http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_include.c?rev=1.141&view=log

for CAN-2004-0940 is -also- required for the simplified/secured version of
apache as shipped with OpenBSD 3.6 on x86 ? Or is that a non issue for the
open BSD version on intel - as it was fixed some other way ? Just looking
for avenues I can stop researching in ?

Thanks,

Dw



Visit your host, monkey.org