On Friday 14 December 2001 02:12 pm, security curmudgeon wrote: > > I am going up against what looks like a standard Apache install with the > > following mods: > > > > Apache/1.3.22 (unix) mod_perl/1.26 mod_fastcgi mod_ssl/2.8.5 > > OpenSSL/0.9.6b > > Sorry for the basic question. Any help would be appreciated. > > off a default 1.3.22 install > /usr/local/apache/cgi-bin/printenv > /usr/local/apache/cgi-bin/test-cgi > > you really should get access to a unix box in order to install packages > like this. will greatly assist you in figuring out default settings.
In the _source_ distribution, those CGI's exist but are not executable, so you just get a 403 error if you try to access them. Binary/Dsitribution/OS specific installs may be different. -HD ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
