DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=28193>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=28193 Webdav Exploit - DOS Vulnerability Apache 1.3.x Series [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | ------- Additional Comments From [EMAIL PROTECTED] 2004-04-05 04:40 ------- Resolved, invalid? This is a bug. This is an inability to hook into selected error conditions. With the advent of Webdav exploits, is critically important for administrators to capture and deal with an error 414 conditon. Apache 1.3.x affords no ability to deal with this exploit. This is a bug. No administrator can deal with this exploit under current software conditions. You have dismissed this as "resolved invalid" in lieu of any discussion, in lieu of any comments coming in from others. It is clear by time stamps you spent little, if any time, considering the ramifications of this bug. Strikes me your decision is both premature and done so without research. You should at least allow a bit of time for other comments to come in, to fully assess the impact of this clear bug in Apache 1.3.x series. Premature dismissal of a bug report, in lieu of discussion and comments, defeats the whole purpose of bugzilla reporting. I am clearly dismayed you dismiss bug reports so lightly. Doing so discourages others from reporting problems for which resolution may prove highly beneficial. In this case, it is exceedingly clear an ability to hook into an error 414 condition is very critical, very needed. Certainly I will think twice before investing time and effort into reporting an item I believe may benefit our Apache community. Kira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
