Not to my knoweldge, but run SPIKE on it and find out... ./closed_source_web_server_fuzz is what I used to find it... -dave
Michael A. Cleverly wrote:
On Mon, 24 Nov 2003, Dave Aitel wrote:
It's not an unknown reason, it's a remote root which you guys already fixed in 3.4...add the Content-Length check to 4.0 and you should be set.
I imagine a lot of people are still running AOLserver 3.3+ad13. Is it vulnerable?
Michael
-- AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
-- AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.