Skip to content
Commit 99423185 authored by William A. Rowe Jr's avatar William A. Rowe Jr
Browse files

  These files cannot be distributed at present - Justin, update your RC.32

  Win32 is not escaping or rejecting ANY hazerdous shell command strings
  in Apache 2.0 at present.  These would include the pipe character (|)
  which allows the user to construct malicious request strings.

  This needs consideration in code and configuration before we reintroduce
  a batch-file based example.

  Reported by: Ory Segal <ORY.SEGAL@SANCTUMINC.COM>  13 Feb 2002


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93393 13f79535-47bb-0310-9956-ffa450edef68
parent 732e39cb
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment