It is not apache issue. You recrive 403 status, so charset is set in Header.
Charset should not be in meta tags. Issue exist, when apache send response
without charset in header AND meta tags. Probably you are using old browser
without standard settings.
Best Regards,
Maksymilian Arciemowic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01446326
Version: 1
HPSBUX02334 SSRT071403 rev.1 - HP-UX Running ftp, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon
as possible.
I was getting backscatter SPAM from google and enabled SPF rules in my DNS
domain along with installing Vbounce in SpamAssassin and it has basically
all stopped.
SPF specifically addresses the Google bounce issue, since Google
implements SPF. When a spammer sends a message to google with a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1574-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
May 12, 2008
Hi,
We are not talking about backscattering. Our attack uses Google's MX servers
like open SMTP relays. Messages are delivered as sent, and not as a delivery
failure notification.
We are still expecting to hear from Google, but we will be releasing more
details about the issue together with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1573-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Thijs Kinkhorst
May 11, 2008
dear all
the program for SyScan'08 Hong Kong is confirmed.
date: May 29th and 30th, 2008
venue: Langham Place Hotel, Hong Kong
Program:
Attacking Telco Core Network - Philippe Langlois (TSTF)
Real World Kernel Pool Exploitation - Kostya Kortchinsky (Immunity)
Cyber Crime: Follow the Money - Ped
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200805-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1572-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Thijs Kinkhorst
May 11, 2008
On Sat, May 10, 2008 at 8:04 PM, Todd T. Fries <[EMAIL PROTECTED]> wrote:
> Yes this is very frustrating.
>
> The details are not so hard to guess. Unless this post is different,
> anyone can send an email to a nonexistent user at a google service and
> they accept it and bounce back to the envelo
On Sat, May 10, 2008 at 01:04:42PM -0500, Todd T. Fries wrote:
> Yes this is very frustrating.
>
> The details are not so hard to guess. Unless this post is different,
> anyone can send an email to a nonexistent user at a google service and
> they accept it and bounce back to the envelope recipie
#!/usr/bin/perl -w
#
# Joomla Component xsstream-dm 0.01 Beta Remote SQL Injection #
# download :
http://sstreamtv.com/index.php?option=com_docman&task=doc_details&gid=24
##
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:100
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1573-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Thijs Kinkhorst
May 11, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200805-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Content type is set in Response header
but not in the HTML meta tag - for example
there is no definition like !!!
That is the reason why it is still a vulnerability and was tested hundred times
and still works.
The solution is to set encoding for the response in when rendering the page,
for
16 matches
Mail list logo
