Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-12 Thread Прокси
On 2015-Aug-12 05:17, Ellen Shull wrote: > On Wed, Aug 12, 2015 at 3:39 AM, Proxy One wrote: > > Is there a way to use curl for testing? I'm getting a new line because of > > the single quote inside the string and escaping it with a backslash gives me > > bash: syntax error near unexpected token `<' > > Y

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-12 Thread Ellen Shull
On Wed, Aug 12, 2015 at 3:39 AM, Proxy One wrote: > Is there a way to use curl for testing? I'm getting a new line because of > the single quote inside the string and escaping it with a backslash gives me > bash: syntax error near unexpected token `<' You can use curl's -K option which lets you stick argu

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-12 Thread Proxy One
On 2015-Aug-12 07:36, Eero Volotinen wrote: > How about something like: > > > > # disallow public access > Order Deny,Allow > Deny from all > Allow from 127.0.0.1 > > SetHandler perl-script > PerlResponseHandler Apache2::Status > > Thanks to this I noti

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-12 Thread Proxy One
On 2015-Aug-11 19:57, Ellen Shull wrote: > On Tue, Aug 11, 2015 at 4:46 AM, Proxy One wrote: > > > I haven't used but Trustwave still finds me > > vulnerable. > > > [...] > > Response: HTTP/1.1 404 Not Found > > You clearly aren't serving perl-status; that's a red herring here. Indeed, I don't

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-11 Thread Eero Volotinen
How about something like: # disallow public access Order Deny,Allow Deny from all Allow from 127.0.0.1 SetHandler perl-script PerlResponseHandler Apache2::Status 2015-08-11 14:46 GMT+03:00 Proxy One : > Hello, > > I've failed latest PCI scan because

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-11 Thread Ellen Shull
On Tue, Aug 11, 2015 at 4:46 AM, Proxy One wrote: > I haven't used but Trustwave still finds me > vulnerable. > [...] > Response: HTTP/1.1 404 Not Found You clearly aren't serving perl-status; that's a red herring here. [...] > Body: contains '">alert('xss')' That's your problem; they're flag

[CentOS] Apache mod_perl cross site scripting vulnerability

2015-08-11 Thread Proxy One
Hello, I've failed latest PCI scan because of CVE-2009-0796. Centos 6.7. The Red Hat Security Response Team has rated this issue as having moderate security impact and bug as wontfix. Explanation: The vulnerability affects non default configuration of Apache HTTP web server, i.e cases, when acce