Environment:
Platform- linux
Apache version- 2.2
Modules enabled- deflate dir autoindex env mime negotiation
custom_module reqtimeout setenvif
Name of my module- custom_module which is positioned APR_HOOK_FIRST
As you can see, both auth and authz are
If you would like more information on the exploit itself, please let me
know. I have a proof of concept that is able to hit the exploit with
100% success.
Hi Eric,
I'm trying to test this patch and would love to know how you're able to
duplicate this on-demand.
Thanks,
Jason
Hi,
I've been working on a patch for mod_cache to deal (fully) with the
response header Cache-Control and the no-cache=header or private=header
directives.
This feature is mainly used with the Set-Cookie header, and allows the
origin server to control the caching of that particular header.
Eirik Lygre wrote
Eirik Lygre wrote
Eric Covener wrote
On Thu, Feb 28, 2013 at 11:12 AM, Eirik Lygre lt;
eirik.lygre@
gt; wrote:
seems to make sense, were you able to test the mod_ldap side of the
change, or is the rebuild a problem?
The number of moving parts needed to build it all
On Mon, Mar 4, 2013 at 1:55 PM, Diana Andrews
novaandroiddiane...@gmail.com wrote:
Signed,
Diana j.Andrews
I'm not sure what that has to do with Apache httpd.
--
Sent from my Game Boy.
On your request a patched mod_ldap.so available at AL post,
with following changes in ldap_util.c :
rc = apr_ldap_ssl_init(p,
NULL,
0,
(result_err));
- if (APR_SUCCESS == rc) {
+ if (APR_SUCCESS == rc
On Mon, Mar 4, 2013 at 3:34 PM, Steffen i...@apachelounge.com wrote:
On your request a patched mod_ldap.so available at AL post,
with following changes in ldap_util.c :
Thanks!