[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4688: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4690: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4691: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4692: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
FREESCO Support • View topic - Apache cross site tracing vulnerability???

FREESCO Support

Official FREESCO Support Forums

Skip to content

Apache cross site tracing vulnerability???

Support section for FREESCO v0.3.x 3rd Party Packages
Post a reply

Apache cross site tracing vulnerability???

Postby Thasaidon » Tue Jan 19, 2010 2:08 pm

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Lightning » Wed Jan 20, 2010 12:21 am

If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Wed Jan 20, 2010 2:33 am

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Wed Jan 20, 2010 11:09 am

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Thu Jan 21, 2010 6:46 am

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby dingetje » Thu Jan 21, 2010 9:27 am

What test tool are you using?
GreetZ
http://dingetje.hopto.org

"Software is like sex: it's better when it's free." - LINUS TORVALDS
User avatar
dingetje
FREESCO GURU !!
 
Posts: 1010
Joined: Wed Nov 14, 2001 12:13 pm
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Thu Jan 21, 2010 11:58 am

Last edited by Thasaidon on Sat Jan 23, 2010 5:37 am, edited 2 times in total.
Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Lightning » Thu Jan 21, 2010 7:28 pm

If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Fri Jan 22, 2010 3:37 am

Yup,

I read the Whitehats whitepaper too. And like I said, I'm not too worried about this "vulnerability".
I just thought I'd give it the quick fix because "just adding 3 lines of code", seemed so simple.

The only option would be to upgrade to an Apache version of 1.3.34 or higher, in which the code "TraceEnable off" could be inserted.
But then again... there is no guarantee this would work that simple too :wink: :wink:

I'll give it a rest... for now
Unless you have some other ideas :wink: :lol:
Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Lightning » Fri Jan 22, 2010 7:26 pm

If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Sat Jan 23, 2010 3:03 am

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top

Re: Apache cross site tracing vulnerability???

Postby Lightning » Sat Jan 23, 2010 12:04 pm

You actually are supposed to stop Apache before rotating or removing logs. As I recall Dingetje has some sort of log rotate/delete script for Apache running on his own system. So maybe he will post the script if my memory is correct :wink:
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA
Top

Re: Apache cross site tracing vulnerability???

Postby Thasaidon » Sat Jan 23, 2010 2:04 pm

Experience shared, is experience gained.






Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands
Top
Post a reply

Return to 3rd Party Package Support for FREESCO v0.3.x

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group
cron