It was discovered that suphp, an Apache module to run PHP scripts with owner permissions handles symlinks insecurely, which may lead to privilege escalation by local users. The risk is LOW. May lead to privilege escalation by local users.
Hi there,
I am trying to find info about the commonly used ports and how it can be vulnerable and to identify them?
For example, I would like to identify how to man-in-the-middle using these ports 21(FTP),22(SSH),23(TELNET), (1 Reply)
Hi all,
My server was Debian Etch (4) and had a working suPHP module (version 0.6.2-1). After I dist-upgraded it to Lenny (Debian 5), suPHP (version 0.6.2-3) stopped working. I read in the mailing list that I should change the settings of /etc/suphp/suphp.conf to this form:
;Handler... (1 Reply)
Hello.
Could you please post an example of configuration of Apache + mod_fcgi + suphp? Till now I can get to work only either mod_fcgi or suphp, but not together.
As I understand, suphp binary should be called from FCGIWrapper directive, but it always says, that SCRIPT_NAME variable is not... (0 Replies)
SNMP Vulnerability:
In a few minutes wire services and other news sources will begin
breaking a story about widespread vulnerabilities in SNMP (Simple
Network Management Protocol). Exploits of the vulnerability cause
systems to fail or to be taken over. The vulnerability can be found in... (1 Reply)
Apache::Session::Informix(3pm) User Contributed Perl Documentation Apache::Session::Informix(3pm)NAME
Apache::Session::Informix - An implementation of Apache::Session
SYNOPSIS
use Apache::Session::Informix;
#if you want Apache::Session to open new DB handles:
tie %hash, 'Apache::Session::Informix', $id, {
DataSource => 'dbi:Informix:sessions',
UserName => $db_user,
Password => $db_pass,
Commit => 1
};
#or, if your handles are already opened:
tie %hash, 'Apache::Session::Informix', $id, {
Handle => $dbh,
Commit => 1
};
DESCRIPTION
This module is an implementation of Apache::Session. It uses the Informix backing store and no locking. See the example, and the
documentation for Apache::Session::Store::Informix for more details.
USAGE
The special Apache::Session argument for this module is Commit. You MUST provide the Commit argument, which instructs this module to
either commit the transaction when it is finished, or to simply do nothing. This feature is provided so that this module will not have
adverse interactions with your local transaction policy, nor your local database handle caching policy. The argument is mandatory in order
to make you think about this problem.
This module also respects the LongReadLen argument, which specifies the maximum size of the session object. If not specified, the default
maximum is 8 KB.
AUTHOR
This module was written by Jeffrey William Baker <jwbaker@acm.org>.
SEE ALSO
Apache::Session::File, Apache::Session::Flex, Apache::Session::DB_File, Apache::Session::Postgres, Apache::Session
perl v5.10.1 2010-10-18 Apache::Session::Informix(3pm)