One of my net friends told me that my server is vulnerable to this exploit: http://online.securityfocus.com/bid/5033

just thought i might let you know powweb, he sounded like it was pretty serious

Originally posted by notix
One of my net friends told me that my server is vulnerable to this exploit: http://online.securityfocus.com/bid/5033

just thought i might let you know powweb, he sounded like it was pretty serious Your friend should check his facts before he starts pushing the panic button. First, Apache 1.3.26 specifically addresses this issue and PowWeb upgraded to 1.3.26 shortly after it was released. Second, at this stage there have been no reported instances of abuse of this vulnerability. So even if PowWeb haven't quite gotten around to upgrading your server yet, the risk of anyone hacking your server is vanishingly small.

Which server are you on?

o i c, i am on callisto.powweb.com

Originally posted by notix
o i c, i am on callisto.powweb.com Callisto is running Apache 1.3.26. It is not vulnerable to the exploit your friend is talking about.